CVE-2023-21830
Description
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).
Affected products
- Oracle Corporation/Java SE JDK and JRE (v5), range: Oracle Java SE:8u351
Patches
No patches discovered yet.
References
- www.oracle.com/security-alerts/cpujan2023.html (mitre, vendor-advisory)
- www.oracle.com/security-alerts/cpujul2023.html (mitre, vendor-advisory)
- security.gentoo.org/glsa/202401-25 (mitre)