Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
graalvm vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2021-32804
The npm package "tar" (aka node-tar) prior to 6.1.1, 5.0.6, 4.4.14, and 3.3.2 has a arbitrary File Creation/Overwrite vulnerability due to insufficient absolute path sanitization. node-tar aims to prevent extraction of absolute file paths by turning absolute paths into ...
Tar Project Tar
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
1 Github repository
7.5
CVSSv3
CVE-2021-27290
ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.
Ssri Project Ssri
Oracle Graalvm 20.3.3
Oracle Graalvm 21.2.0
Siemens Sinec Infrastructure Network Services
3.7
CVSSv3
CVE-2023-22044
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; O...
Oracle Jre 17.0.7
Oracle Jdk 17.0.7
Oracle Graalvm For Jdk 20.0.1
Oracle Graalvm 21.3.6
Oracle Graalvm 22.3.2
Oracle Jre 1.8.0
Oracle Jdk 1.8.0
Oracle Jdk 20.0.1
Oracle Jre 20.0.1
Oracle Graalvm For Jdk 17.0.7
Debian Debian Linux 11.0
Debian Debian Linux 12.0
6.8
CVSSv3
CVE-2019-2862
Vulnerability in the Oracle GraalVM Enterprise Edition component of Oracle GraalVM (subcomponent: Java). The supported version that is affected is 19.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise O...
Oracle Graalvm 19.0.0
7.7
CVSSv3
CVE-2019-2986
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: LLVM Interpreter). The supported version that is affected is 19.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromi...
Oracle Graalvm 19.2.0
4
CVSSv3
CVE-2020-2581
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: LLVM Interpreter). The supported version that is affected is 19.3.0.2. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Graal...
Oracle Graalvm 19.3.0.2
7.7
CVSSv3
CVE-2019-2813
Vulnerability in the Oracle GraalVM Enterprise Edition component of Oracle GraalVM (subcomponent: GraalVM). The supported version that is affected is 19.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise O...
Oracle Graalvm 19.0.0
5.8
CVSSv3
CVE-2020-2595
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). The supported version that is affected is 19.3.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compr...
Oracle Graalvm 19.3.0.2
7.4
CVSSv3
CVE-2024-20918
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0...
Oracle Graalvm 21.3.8
Oracle Graalvm 22.3.4
Oracle Graalvm 20.3.12
Oracle Jdk 17.0.9
Oracle Jdk 21.0.1
Oracle Jdk 11.0.21
Oracle Jre 17.0.9
Oracle Jre 21.0.1
Oracle Jre 11.0.21
Oracle Jre 1.8.0
Oracle Jdk 1.8.0
Oracle Graalvm For Jdk 17.0.9
Oracle Graalvm For Jdk 21.0.1
Debian Debian Linux 10.0
Netapp Oncommand Insight -
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
5.9
CVSSv3
CVE-2024-20926
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Ent...
Oracle Graalvm 21.3.8
Oracle Graalvm 22.3.4
Oracle Graalvm 20.3.12
Oracle Jdk 17.0.9
Oracle Jdk 21.0.1
Oracle Jdk 11.0.21
Oracle Jre 17.0.9
Oracle Jre 21.0.1
Oracle Jre 11.0.21
Oracle Jre 1.8.0
Oracle Jdk 1.8.0
Oracle Graalvm For Jdk 17.0.9
Oracle Graalvm For Jdk 21.0.1
Netapp Oncommand Insight -
Netapp Cloud Insights Acquisition Unit -
Netapp Cloud Insights Storage Workload Security Agent -
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »