CVE-2025-50063

7 documents7 sources

Severity

7.3HIGH

EPSS

0.1%

top 81.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Corporation Oracle Java SE Oracle JDK Oracle JRE

Timeline

PublishedJul 15

Description

Vulnerability in Oracle Java SE (component: Install). The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE executes to compromise Oracle Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Java SE. Note: Applies to installation process on client deploymen…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 1.3 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5oracle_corporation/oracle_java_se8u451

▶NVDoracle/jdk1.8.0

▶NVDoracle/jre1.8.0

🔴Vulnerability Details

OSV

CVE-2025-50063: Vulnerability in Oracle Java SE (component: Install)↗2025-07-15

▶

CVEList

CVE-2025-50063: Vulnerability in Oracle Java SE (component: Install)↗2025-07-15

▶

GHSA

GHSA-x4mx-vv42-5h8p: Vulnerability in Oracle Java SE (component: Install)↗2025-07-15

▶

📋Vendor Advisories

Oracle

Oracle Oracle Java SE Risk Matrix: Install — CVE-2025-50063↗2025-07-15

▶

Debian

CVE-2025-50063: openjdk-8 - Vulnerability in Oracle Java SE (component: Install). The supported version th...↗2025

▶

Microsoft

bpf: Prevent tail call between progs attached to different hooks↗2024-10-08

▶