CVE-2023-21986

🗓️ 18 Apr 2023 19:54:40Reported by oracleType

CVE-2023-21986: Vulnerability in Oracle GraalVM Enterprise Edition allows unauthorized access and partial denial of service

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the Native Image component in the Oracle GraalVM Enterprise Edition virtual machine allows a hacker to gain access to modify, add, or delete data.	12 May 202300:00	–	bdu_fstec
CNNVD	Oracle Java SE 安全漏洞	18 Apr 202300:00	–	cnnvd
Cvelist	CVE-2023-21986	18 Apr 202319:54	–	cvelist
EUVD	EUVD-2023-26151	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Oracle Java SE	19 Apr 202300:00	–	ncsc
NVD	CVE-2023-21986	18 Apr 202320:15	–	nvd
Oracle	Oracle Critical Patch Update Advisory - April 2023	18 Apr 202300:00	–	oracle
Prion	Buffer overflow	18 Apr 202320:15	–	prion
Positive Technologies	PT-2023-2674 · Oracle · Oracle Graalvm Enterprise Edition	18 Apr 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-21986	23 May 202505:20	–	redhatcve

NVD

Vulners

Node

oracle graalvmMatch20.3.9enterprise

oracle graalvmMatch21.3.5enterprise

oracle graalvmMatch22.3.1enterprise

[
  {
    "vendor": "Oracle Corporation",
    "product": "GraalVM Enterprise Edition",
    "versions": [
      {
        "version": "Oracle GraalVM Enterprise Edition:20.3.9",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:21.3.5",
        "status": "affected"
      },
      {
        "version": "Oracle GraalVM Enterprise Edition:22.3.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/security-alerts/cpuapr2023.html

17 Jun 2026 05:34Current

5.3Medium risk

Vulners AI Score5.3

CVSS 3.15.7

EPSS0.00284

SSVC