Installation Vulnerability in Oracle Java SE by Oracle
CVE-2025-50063

7.3HIGH

Key Information:

Vendor: Oracle
Status: Oracle Java Se
Vendor: CVE Published:; 15 July 2025

What is CVE-2025-50063?

A vulnerability exists in the installation process of Oracle Java SE, specifically affecting the versions 8u451 and 8u451-perf. This weakness allows a low-privileged attacker who has logged into the system where Oracle Java SE executes to compromise the installation. Though exploitation of this vulnerability requires human interaction from a user not involved in the attack, successful exploitation may allow the attacker to take control of the Oracle Java SE environment. This vulnerability highlights the need for caution during the installation phase of Java applications, especially in client deployments.

Affected Version(s)

Oracle Java SE 8u451

References

https://www.oracle.com/security-alerts/cpujul2025.html

vendor-advisory

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2025
Vulnerability Reserved
Jun 11, 2025