{"id":"CVE-2021-35565","details":"Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).","modified":"2026-04-09T08:52:37.333737Z","published":"2021-10-20T11:16:37.893Z","related":["ALSA-2021:3891","ALSA-2021:3893","CGA-59pm-gg55-rxqc","MGASA-2021-0542","SUSE-SU-2021:3528-1","SUSE-SU-2021:3671-1","SUSE-SU-2021:3770-1","SUSE-SU-2021:3771-1","SUSE-SU-2021:3797-1","SUSE-SU-2022:0107-1","SUSE-SU-2022:0108-1","SUSE-SU-2022:0166-1","SUSE-SU-2022:14875-1","SUSE-SU-2022:14876-1","openSUSE-SU-2021:1455-1","openSUSE-SU-2021:1480-1","openSUSE-SU-2021:1500-1","openSUSE-SU-2021:3615-1","openSUSE-SU-2021:3671-1","openSUSE-SU-2021:3770-1","openSUSE-SU-2022:0108-1","openSUSE-SU-2024:11584-1","openSUSE-SU-2024:11588-1","openSUSE-SU-2024:11612-1","openSUSE-SU-2024:11896-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20211022-0004/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2021/dsa-5000"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202209-05"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpuoct2021.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/graalvm/graalvm-ce-builds","events":[{"introduced":"0"},{"last_affected":"55ff3f2503007a859219b5e7f68b0f6ca95225f0"},{"introduced":"0"},{"last_affected":"771d7a8d2b73cf72a2622ca6305dcc9e9306f296"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"20.3.3"},{"introduced":"0"},{"last_affected":"21.2.0"}]}},{"type":"GIT","repo":"https://github.com/openjdk/jdk15u","events":[{"introduced":"0"},{"last_affected":"62007a12b80f381c687f60825b20fe0bbeeb5eaa"},{"introduced":"0"},{"last_affected":"a9a271179d2a7952154b7509a999b100cc98b13c"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"10.0"},{"introduced":"0"},{"last_affected":"11.0"}]}}],"versions":["jdk-10+0","jdk-10+20","jdk-10+21","jdk-10+22","jdk-10+23","jdk-10+24","jdk-11+0","jdk-9+100","jdk-9+101","jdk-9+102","jdk-9+103","jdk-9+104","jdk-9+105","jdk-9+106","jdk-9+107","jdk-9+108","jdk-9+109","jdk-9+110","jdk-9+111","jdk-9+112","jdk-9+113","jdk-9+114","jdk-9+115","jdk-9+116","jdk-9+117","jdk-9+118","jdk-9+119","jdk-9+120","jdk-9+121","jdk-9+122","jdk-9+123","jdk-9+124","jdk-9+127","jdk-9+128","jdk-9+129","jdk-9+130","jdk-9+131","jdk-9+132","jdk-9+133","jdk-9+134","jdk-9+135","jdk-9+136","jdk-9+137","jdk-9+138","jdk-9+139","jdk-9+140","jdk-9+141","jdk-9+142","jdk-9+143","jdk-9+144","jdk-9+145","jdk-9+146","jdk-9+147","jdk-9+148","jdk-9+149","jdk-9+150","jdk-9+151","jdk-9+152","jdk-9+153","jdk-9+154","jdk-9+155","jdk-9+156","jdk-9+95","jdk-9+96","jdk-9+97","jdk-9+98","jdk-9+99","jdk7-b100","jdk7-b101","jdk7-b102","jdk7-b103","jdk7-b104","jdk7-b105","jdk7-b106","jdk7-b107","jdk7-b108","jdk7-b120","jdk7-b121","jdk7-b122","jdk7-b123","jdk7-b124","jdk7-b125","jdk7-b126","jdk7-b127","jdk7-b128","jdk7-b129","jdk7-b130","jdk7-b131","jdk7-b132","jdk7-b133","jdk7-b134","jdk7-b135","jdk7-b136","jdk7-b137","jdk7-b138","jdk7-b139","jdk7-b140","jdk7-b141","jdk7-b143","jdk7-b24","jdk7-b25","jdk7-b26","jdk7-b27","jdk7-b28","jdk7-b31","jdk7-b32","jdk7-b33","jdk7-b34","jdk7-b35","jdk7-b36","jdk7-b38","jdk7-b39","jdk7-b40","jdk7-b41","jdk7-b44","jdk7-b45","jdk7-b46","jdk7-b48","jdk7-b49","jdk7-b50","jdk7-b51","jdk7-b53","jdk7-b54","jdk7-b55","jdk7-b56","jdk7-b60","jdk7-b61","jdk7-b62","jdk7-b63","jdk7-b64","jdk7-b65","jdk7-b66","jdk7-b68","jdk7-b70","jdk7-b71","jdk7-b72","jdk7-b73","jdk7-b74","jdk7-b75","jdk7-b76","jdk7-b77","jdk7-b78","jdk7-b79","jdk7-b80","jdk7-b81","jdk7-b82","jdk7-b83","jdk7-b84","jdk7-b85","jdk7-b86","jdk7-b87","jdk7-b88","jdk7-b89","jdk7-b90","jdk7-b91","jdk7-b92","jdk7-b93","jdk7-b94","jdk7-b95","jdk7-b96","jdk7-b97","jdk7-b98","jdk7-b99","jdk8-b01","jdk8-b119","jdk8-b120","jdk8-b15","jdk8-b16","jdk8-b18","jdk8-b19","jdk8-b20","jdk8-b21","jdk8-b22","jdk8-b23","jdk8-b24","jdk8-b25","jdk8-b26","jdk8-b27","jdk8-b28","jdk8-b29","jdk8-b30","jdk8-b31","jdk8-b32","jdk8-b33","jdk8-b34","jdk8-b35","jdk8-b36","jdk8-b37","jdk8-b38","jdk8-b39","jdk8-b40","jdk8-b41","jdk8-b42","jdk8-b43","jdk8-b44","jdk8-b45","jdk8-b46","jdk8-b49","jdk8-b50","jdk8-b52","jdk8-b53","jdk8-b54","jdk8-b55","jdk9-b00","jdk9-b01","jdk9-b04","jdk9-b05","jdk9-b06","jdk9-b07","jdk9-b08","jdk9-b10","jdk9-b11","jdk9-b12","jdk9-b13","jdk9-b14","jdk9-b15","jdk9-b16","jdk9-b17","jdk9-b18","jdk9-b19","jdk9-b20","jdk9-b21","jdk9-b23","jdk9-b24","jdk9-b25","jdk9-b26","jdk9-b27","jdk9-b30","jdk9-b31","jdk9-b32","jdk9-b33","jdk9-b34","jdk9-b35","jdk9-b36","jdk9-b37","jdk9-b38","jdk9-b39","jdk9-b40","jdk9-b41","jdk9-b42","jdk9-b43","jdk9-b44","jdk9-b45","jdk9-b46","jdk9-b47","jdk9-b48","jdk9-b49","jdk9-b50","jdk9-b51","jdk9-b52","jdk9-b53","jdk9-b54","jdk9-b55","jdk9-b56","jdk9-b57","jdk9-b58","jdk9-b59","jdk9-b60","jdk9-b61","jdk9-b62","jdk9-b63","jdk9-b64","jdk9-b65","jdk9-b66","jdk9-b67","jdk9-b68","jdk9-b69","jdk9-b70","jdk9-b71","jdk9-b72","jdk9-b73","jdk9-b74","jdk9-b75","jdk9-b76","jdk9-b77","jdk9-b78","jdk9-b79","jdk9-b80","jdk9-b81","jdk9-b82","jdk9-b83","jdk9-b84","jdk9-b85","jdk9-b86","jdk9-b87","jdk9-b88","jdk9-b89","jdk9-b90","jdk9-b91","jdk9-b92","jdk9-b94","vm-19.3.0","vm-19.3.0.2","vm-19.3.1","vm-19.3.2","vm-19.3.2-pre","vm-19.3.3","vm-19.3.4","vm-19.3.5","vm-19.3.6","vm-20.0.0","vm-20.0.1","vm-20.1.0","vm-20.2.0","vm-20.3.0","vm-20.3.1","vm-20.3.1.2","vm-20.3.2","vm-20.3.3","vm-21.0.0","vm-21.0.0.2","vm-21.1.0","vm-ce-21.2.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"7-update311"}]},{"events":[{"introduced":"0"},{"last_affected":"8-update301"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0.12"}]},{"events":[{"introduced":"11.0.0"},{"last_affected":"11.50.2"}]},{"events":[{"introduced":"0"},{"last_affected":"33"}]},{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-35565.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}