Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1

Type deb

Namespace debian

Name openjdk-17

Version 17.0.12+7-2~deb11u1

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 17.0.18+8-1~deb12u1

Latest_non_vulnerable_version 17.0.18+8-1~deb12u1

Affected_by_vulnerabilities

url VCID-11vj-5zz4-6fe7

vulnerability_id VCID-11vj-5zz4-6fe7

summary openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-30698

reference_id

reference_type

scores

value	0.00605
scoring_system	epss
scoring_elements	0.69565
published_at	2026-04-02T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69712
published_at	2026-04-26T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.6967
published_at	2026-04-18T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69651
published_at	2026-04-21T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69703
published_at	2026-04-24T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69581
published_at	2026-04-04T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.6956
published_at	2026-04-07T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69611
published_at	2026-04-08T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69627
published_at	2026-04-09T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.6965
published_at	2026-04-11T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69635
published_at	2026-04-12T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69621
published_at	2026-04-13T12:55:00Z

value	0.00605
scoring_system	epss
scoring_elements	0.69661
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-30698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897
reference_id	1103897
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898
reference_id	1103898
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899
reference_id	1103899
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900
reference_id	1103900
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2359693
reference_id	2359693
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2359693

reference_url

https://www.oracle.com/security-alerts/cpuapr2025.html

reference_id

cpuapr2025.html

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:13:36Z/

url

https://www.oracle.com/security-alerts/cpuapr2025.html

reference_url	https://access.redhat.com/errata/RHSA-2025:3844
reference_id	RHSA-2025:3844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3844

reference_url	https://access.redhat.com/errata/RHSA-2025:3845
reference_id	RHSA-2025:3845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3845

reference_url	https://access.redhat.com/errata/RHSA-2025:3846
reference_id	RHSA-2025:3846
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3846

reference_url	https://access.redhat.com/errata/RHSA-2025:3847
reference_id	RHSA-2025:3847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3847

reference_url	https://access.redhat.com/errata/RHSA-2025:3848
reference_id	RHSA-2025:3848
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3848

reference_url	https://access.redhat.com/errata/RHSA-2025:3849
reference_id	RHSA-2025:3849
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3849

reference_url	https://access.redhat.com/errata/RHSA-2025:3850
reference_id	RHSA-2025:3850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3850

reference_url	https://access.redhat.com/errata/RHSA-2025:3852
reference_id	RHSA-2025:3852
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3852

reference_url	https://access.redhat.com/errata/RHSA-2025:3853
reference_id	RHSA-2025:3853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3853

reference_url	https://access.redhat.com/errata/RHSA-2025:3854
reference_id	RHSA-2025:3854
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3854

reference_url	https://access.redhat.com/errata/RHSA-2025:3855
reference_id	RHSA-2025:3855
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3855

reference_url	https://access.redhat.com/errata/RHSA-2025:3856
reference_id	RHSA-2025:3856
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3856

reference_url	https://access.redhat.com/errata/RHSA-2025:3857
reference_id	RHSA-2025:3857
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3857

reference_url	https://access.redhat.com/errata/RHSA-2025:7508
reference_id	RHSA-2025:7508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7508

reference_url	https://access.redhat.com/errata/RHSA-2025:8063
reference_id	RHSA-2025:8063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8063

reference_url	https://access.redhat.com/errata/RHSA-2025:8431
reference_id	RHSA-2025:8431
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8431

reference_url	https://usn.ubuntu.com/7480-1/
reference_id	USN-7480-1
reference_type
scores
url	https://usn.ubuntu.com/7480-1/

reference_url	https://usn.ubuntu.com/7481-1/
reference_id	USN-7481-1
reference_type
scores
url	https://usn.ubuntu.com/7481-1/

reference_url	https://usn.ubuntu.com/7482-1/
reference_id	USN-7482-1
reference_type
scores
url	https://usn.ubuntu.com/7482-1/

reference_url	https://usn.ubuntu.com/7483-1/
reference_id	USN-7483-1
reference_type
scores
url	https://usn.ubuntu.com/7483-1/

reference_url	https://usn.ubuntu.com/7484-1/
reference_id	USN-7484-1
reference_type
scores
url	https://usn.ubuntu.com/7484-1/

reference_url	https://usn.ubuntu.com/7531-1/
reference_id	USN-7531-1
reference_type
scores
url	https://usn.ubuntu.com/7531-1/

reference_url	https://usn.ubuntu.com/7533-1/
reference_id	USN-7533-1
reference_type
scores
url	https://usn.ubuntu.com/7533-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2025-30698

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-11vj-5zz4-6fe7

url VCID-13t7-vubq-8kae

vulnerability_id VCID-13t7-vubq-8kae

summary openjdk: Enhance certificate handling (Oracle CPU 2025-10)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-53057

reference_id

reference_type

scores

value	0.00058
scoring_system	epss
scoring_elements	0.18209
published_at	2026-04-21T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22386
published_at	2026-04-26T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22702
published_at	2026-04-02T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22602
published_at	2026-04-16T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22599
published_at	2026-04-18T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22397
published_at	2026-04-24T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22747
published_at	2026-04-04T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22535
published_at	2026-04-07T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22612
published_at	2026-04-08T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22666
published_at	2026-04-09T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22683
published_at	2026-04-11T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22642
published_at	2026-04-12T12:55:00Z

value	0.00075
scoring_system	epss
scoring_elements	0.22587
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-53057

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944
reference_id	1118944
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2403082
reference_id	2403082
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2403082

reference_url

https://www.oracle.com/security-alerts/cpuoct2025.html

reference_id

cpuoct2025.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T14:46:38Z/

url

https://www.oracle.com/security-alerts/cpuoct2025.html

reference_url	https://access.redhat.com/errata/RHSA-2025:18814
reference_id	RHSA-2025:18814
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18814

reference_url	https://access.redhat.com/errata/RHSA-2025:18815
reference_id	RHSA-2025:18815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18815

reference_url	https://access.redhat.com/errata/RHSA-2025:18816
reference_id	RHSA-2025:18816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18816

reference_url	https://access.redhat.com/errata/RHSA-2025:18817
reference_id	RHSA-2025:18817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18817

reference_url	https://access.redhat.com/errata/RHSA-2025:18818
reference_id	RHSA-2025:18818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18818

reference_url	https://access.redhat.com/errata/RHSA-2025:18819
reference_id	RHSA-2025:18819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18819

reference_url	https://access.redhat.com/errata/RHSA-2025:18820
reference_id	RHSA-2025:18820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18820

reference_url	https://access.redhat.com/errata/RHSA-2025:18821
reference_id	RHSA-2025:18821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18821

reference_url	https://access.redhat.com/errata/RHSA-2025:18822
reference_id	RHSA-2025:18822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18822

reference_url	https://access.redhat.com/errata/RHSA-2025:18823
reference_id	RHSA-2025:18823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18823

reference_url	https://access.redhat.com/errata/RHSA-2025:18824
reference_id	RHSA-2025:18824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18824

reference_url	https://access.redhat.com/errata/RHSA-2025:18825
reference_id	RHSA-2025:18825
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18825

reference_url	https://access.redhat.com/errata/RHSA-2025:18826
reference_id	RHSA-2025:18826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18826

reference_url	https://access.redhat.com/errata/RHSA-2025:21485
reference_id	RHSA-2025:21485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:21485

reference_url	https://access.redhat.com/errata/RHSA-2025:22370
reference_id	RHSA-2025:22370
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22370

reference_url	https://access.redhat.com/errata/RHSA-2025:22672
reference_id	RHSA-2025:22672
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22672

reference_url	https://usn.ubuntu.com/7881-1/
reference_id	USN-7881-1
reference_type
scores
url	https://usn.ubuntu.com/7881-1/

reference_url	https://usn.ubuntu.com/7882-1/
reference_id	USN-7882-1
reference_type
scores
url	https://usn.ubuntu.com/7882-1/

reference_url	https://usn.ubuntu.com/7883-1/
reference_id	USN-7883-1
reference_type
scores
url	https://usn.ubuntu.com/7883-1/

reference_url	https://usn.ubuntu.com/7884-1/
reference_id	USN-7884-1
reference_type
scores
url	https://usn.ubuntu.com/7884-1/

reference_url	https://usn.ubuntu.com/7885-1/
reference_id	USN-7885-1
reference_type
scores
url	https://usn.ubuntu.com/7885-1/

reference_url	https://usn.ubuntu.com/7900-1/
reference_id	USN-7900-1
reference_type
scores
url	https://usn.ubuntu.com/7900-1/

reference_url	https://usn.ubuntu.com/7901-1/
reference_id	USN-7901-1
reference_type
scores
url	https://usn.ubuntu.com/7901-1/

reference_url	https://usn.ubuntu.com/7902-1/
reference_id	USN-7902-1
reference_type
scores
url	https://usn.ubuntu.com/7902-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2025-53057

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-13t7-vubq-8kae

url VCID-1gha-995s-7qdg

vulnerability_id VCID-1gha-995s-7qdg

summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22016.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22016.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-22016

reference_id

reference_type

scores

value	0.00033
scoring_system	epss
scoring_elements	0.09722
published_at	2026-04-24T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09688
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-22016

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22016
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22016

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id	1134894
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2460039
reference_id	2460039
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2460039

reference_url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_id

cpuapr2026.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:11:15Z/

url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_url	https://access.redhat.com/errata/RHSA-2026:11403
reference_id	RHSA-2026:11403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:11403

reference_url	https://access.redhat.com/errata/RHSA-2026:9254
reference_id	RHSA-2026:9254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9254

reference_url	https://access.redhat.com/errata/RHSA-2026:9255
reference_id	RHSA-2026:9255
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9255

reference_url	https://access.redhat.com/errata/RHSA-2026:9256
reference_id	RHSA-2026:9256
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9256

reference_url	https://access.redhat.com/errata/RHSA-2026:9682
reference_id	RHSA-2026:9682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9682

reference_url	https://access.redhat.com/errata/RHSA-2026:9683
reference_id	RHSA-2026:9683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9683

reference_url	https://access.redhat.com/errata/RHSA-2026:9684
reference_id	RHSA-2026:9684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9684

reference_url	https://access.redhat.com/errata/RHSA-2026:9685
reference_id	RHSA-2026:9685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9685

reference_url	https://access.redhat.com/errata/RHSA-2026:9686
reference_id	RHSA-2026:9686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9686

reference_url	https://access.redhat.com/errata/RHSA-2026:9687
reference_id	RHSA-2026:9687
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9687

reference_url	https://access.redhat.com/errata/RHSA-2026:9688
reference_id	RHSA-2026:9688
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9688

reference_url	https://access.redhat.com/errata/RHSA-2026:9689
reference_id	RHSA-2026:9689
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9689

reference_url	https://access.redhat.com/errata/RHSA-2026:9690
reference_id	RHSA-2026:9690
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9690

reference_url	https://access.redhat.com/errata/RHSA-2026:9691
reference_id	RHSA-2026:9691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9691

reference_url	https://access.redhat.com/errata/RHSA-2026:9693
reference_id	RHSA-2026:9693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9693

reference_url	https://access.redhat.com/errata/RHSA-2026:9694
reference_id	RHSA-2026:9694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9694

fixed_packages

url	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
purl	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1

aliases CVE-2026-22016

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1gha-995s-7qdg

url VCID-4snj-etwf-eqe8

vulnerability_id VCID-4snj-etwf-eqe8

summary openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-21933

reference_id

reference_type

scores

value	0.00032
scoring_system	epss
scoring_elements	0.09035
published_at	2026-04-02T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09147
published_at	2026-04-24T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.08972
published_at	2026-04-16T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.08951
published_at	2026-04-18T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09105
published_at	2026-04-21T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09086
published_at	2026-04-04T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.0901
published_at	2026-04-07T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.0909
published_at	2026-04-08T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09121
published_at	2026-04-09T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09122
published_at	2026-04-11T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09091
published_at	2026-04-26T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09077
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-21933

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119
reference_id	1126119
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2429926
reference_id	2429926
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2429926

reference_url

https://www.oracle.com/security-alerts/cpujan2026.html

reference_id

cpujan2026.html

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:56:13Z/

url

https://www.oracle.com/security-alerts/cpujan2026.html

reference_url	https://access.redhat.com/errata/RHSA-2026:0847
reference_id	RHSA-2026:0847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0847

reference_url	https://access.redhat.com/errata/RHSA-2026:0848
reference_id	RHSA-2026:0848
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0848

reference_url	https://access.redhat.com/errata/RHSA-2026:0849
reference_id	RHSA-2026:0849
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0849

reference_url	https://access.redhat.com/errata/RHSA-2026:0895
reference_id	RHSA-2026:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0895

reference_url	https://access.redhat.com/errata/RHSA-2026:0896
reference_id	RHSA-2026:0896
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0896

reference_url	https://access.redhat.com/errata/RHSA-2026:0897
reference_id	RHSA-2026:0897
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0897

reference_url	https://access.redhat.com/errata/RHSA-2026:0898
reference_id	RHSA-2026:0898
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0898

reference_url	https://access.redhat.com/errata/RHSA-2026:0899
reference_id	RHSA-2026:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0899

reference_url	https://access.redhat.com/errata/RHSA-2026:0900
reference_id	RHSA-2026:0900
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0900

reference_url	https://access.redhat.com/errata/RHSA-2026:0901
reference_id	RHSA-2026:0901
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0901

reference_url	https://access.redhat.com/errata/RHSA-2026:0927
reference_id	RHSA-2026:0927
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0927

reference_url	https://access.redhat.com/errata/RHSA-2026:0928
reference_id	RHSA-2026:0928
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0928

reference_url	https://access.redhat.com/errata/RHSA-2026:0931
reference_id	RHSA-2026:0931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0931

reference_url	https://access.redhat.com/errata/RHSA-2026:0932
reference_id	RHSA-2026:0932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0932

reference_url	https://access.redhat.com/errata/RHSA-2026:0933
reference_id	RHSA-2026:0933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0933

reference_url	https://access.redhat.com/errata/RHSA-2026:1606
reference_id	RHSA-2026:1606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1606

reference_url	https://access.redhat.com/errata/RHSA-2026:4832
reference_id	RHSA-2026:4832
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4832

reference_url	https://usn.ubuntu.com/7995-1/
reference_id	USN-7995-1
reference_type
scores
url	https://usn.ubuntu.com/7995-1/

reference_url	https://usn.ubuntu.com/7996-1/
reference_id	USN-7996-1
reference_type
scores
url	https://usn.ubuntu.com/7996-1/

reference_url	https://usn.ubuntu.com/7997-1/
reference_id	USN-7997-1
reference_type
scores
url	https://usn.ubuntu.com/7997-1/

reference_url	https://usn.ubuntu.com/7998-1/
reference_id	USN-7998-1
reference_type
scores
url	https://usn.ubuntu.com/7998-1/

reference_url	https://usn.ubuntu.com/8000-1/
reference_id	USN-8000-1
reference_type
scores
url	https://usn.ubuntu.com/8000-1/

reference_url	https://usn.ubuntu.com/8001-1/
reference_id	USN-8001-1
reference_type
scores
url	https://usn.ubuntu.com/8001-1/

reference_url	https://usn.ubuntu.com/8002-1/
reference_id	USN-8002-1
reference_type
scores
url	https://usn.ubuntu.com/8002-1/

reference_url	https://usn.ubuntu.com/8003-1/
reference_id	USN-8003-1
reference_type
scores
url	https://usn.ubuntu.com/8003-1/

fixed_packages

url	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
purl	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1

aliases CVE-2026-21933

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4snj-etwf-eqe8

url VCID-57sd-8y93-qqhu

vulnerability_id VCID-57sd-8y93-qqhu

summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34282.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34282.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-34282

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.121
published_at	2026-04-24T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12067
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-34282

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34282
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34282

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2460044
reference_id	2460044
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2460044

reference_url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_id

cpuapr2026.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:33:23Z/

url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_url	https://access.redhat.com/errata/RHSA-2026:11403
reference_id	RHSA-2026:11403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:11403

reference_url	https://access.redhat.com/errata/RHSA-2026:9254
reference_id	RHSA-2026:9254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9254

reference_url	https://access.redhat.com/errata/RHSA-2026:9255
reference_id	RHSA-2026:9255
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9255

reference_url	https://access.redhat.com/errata/RHSA-2026:9256
reference_id	RHSA-2026:9256
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9256

reference_url	https://access.redhat.com/errata/RHSA-2026:9686
reference_id	RHSA-2026:9686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9686

reference_url	https://access.redhat.com/errata/RHSA-2026:9687
reference_id	RHSA-2026:9687
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9687

reference_url	https://access.redhat.com/errata/RHSA-2026:9688
reference_id	RHSA-2026:9688
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9688

reference_url	https://access.redhat.com/errata/RHSA-2026:9689
reference_id	RHSA-2026:9689
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9689

reference_url	https://access.redhat.com/errata/RHSA-2026:9690
reference_id	RHSA-2026:9690
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9690

reference_url	https://access.redhat.com/errata/RHSA-2026:9691
reference_id	RHSA-2026:9691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9691

reference_url	https://access.redhat.com/errata/RHSA-2026:9693
reference_id	RHSA-2026:9693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9693

reference_url	https://access.redhat.com/errata/RHSA-2026:9694
reference_id	RHSA-2026:9694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9694

fixed_packages

url	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
purl	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1

aliases CVE-2026-34282

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57sd-8y93-qqhu

url VCID-6196-gvhx-ruh8

vulnerability_id VCID-6196-gvhx-ruh8

summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21235

reference_id

reference_type

scores

value	0.00171
scoring_system	epss
scoring_elements	0.38363
published_at	2026-04-09T12:55:00Z

value	0.00171
scoring_system	epss
scoring_elements	0.38417
published_at	2026-04-02T12:55:00Z

value	0.00171
scoring_system	epss
scoring_elements	0.38441
published_at	2026-04-04T12:55:00Z

value	0.00171
scoring_system	epss
scoring_elements	0.38305
published_at	2026-04-07T12:55:00Z

value	0.00171
scoring_system	epss
scoring_elements	0.38355
published_at	2026-04-08T12:55:00Z

value	0.00171
scoring_system	epss
scoring_elements	0.3838
published_at	2026-04-11T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44063
published_at	2026-04-24T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.4422
published_at	2026-04-16T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.4421
published_at	2026-04-18T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44139
published_at	2026-04-21T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44066
published_at	2026-04-26T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44158
published_at	2026-04-12T12:55:00Z

value	0.00216
scoring_system	epss
scoring_elements	0.44159
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21235

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696
reference_id	1085696
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2318534
reference_id	2318534
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2318534

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15::::enterprise:::
reference_id	cpe:2.3:a:oracle:graalvm:20.3.15::::enterprise:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15::::enterprise:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11::::enterprise:::
reference_id	cpe:2.3:a:oracle:graalvm:21.3.11::::enterprise:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11::::enterprise:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:::::::*
reference_id	cpe:2.3:a:oracle:java_se:11.0.24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:::::::*
reference_id	cpe:2.3:a:oracle:java_se:17.0.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:::::::*
reference_id	cpe:2.3:a:oracle:java_se:21.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:::::::*
reference_id	cpe:2.3:a:oracle:java_se:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:::::::*
reference_id	cpe:2.3:a:oracle:java_se:8u421:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::
reference_id	cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url	https://access.redhat.com/errata/RHSA-2024:10926
reference_id	RHSA-2024:10926
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10926

reference_url	https://access.redhat.com/errata/RHSA-2024:8116
reference_id	RHSA-2024:8116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8116

reference_url	https://access.redhat.com/errata/RHSA-2024:8117
reference_id	RHSA-2024:8117
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8117

reference_url	https://access.redhat.com/errata/RHSA-2024:8118
reference_id	RHSA-2024:8118
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8118

reference_url	https://access.redhat.com/errata/RHSA-2024:8119
reference_id	RHSA-2024:8119
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8119

reference_url	https://access.redhat.com/errata/RHSA-2024:8120
reference_id	RHSA-2024:8120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8120

reference_url	https://access.redhat.com/errata/RHSA-2024:8121
reference_id	RHSA-2024:8121
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8121

reference_url	https://access.redhat.com/errata/RHSA-2024:8122
reference_id	RHSA-2024:8122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8122

reference_url	https://access.redhat.com/errata/RHSA-2024:8123
reference_id	RHSA-2024:8123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8123

reference_url	https://access.redhat.com/errata/RHSA-2024:8124
reference_id	RHSA-2024:8124
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8124

reference_url	https://access.redhat.com/errata/RHSA-2024:8125
reference_id	RHSA-2024:8125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8125

reference_url	https://access.redhat.com/errata/RHSA-2024:8126
reference_id	RHSA-2024:8126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8126

reference_url	https://access.redhat.com/errata/RHSA-2024:8127
reference_id	RHSA-2024:8127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8127

reference_url	https://access.redhat.com/errata/RHSA-2024:8128
reference_id	RHSA-2024:8128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8128

reference_url	https://access.redhat.com/errata/RHSA-2024:8129
reference_id	RHSA-2024:8129
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8129

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

reference_url	https://usn.ubuntu.com/7097-1/
reference_id	USN-7097-1
reference_type
scores
url	https://usn.ubuntu.com/7097-1/

reference_url	https://usn.ubuntu.com/7098-1/
reference_id	USN-7098-1
reference_type
scores
url	https://usn.ubuntu.com/7098-1/

reference_url	https://usn.ubuntu.com/7099-1/
reference_id	USN-7099-1
reference_type
scores
url	https://usn.ubuntu.com/7099-1/

reference_url	https://usn.ubuntu.com/7124-1/
reference_id	USN-7124-1
reference_type
scores
url	https://usn.ubuntu.com/7124-1/

reference_url	https://usn.ubuntu.com/7338-1/
reference_id	USN-7338-1
reference_type
scores
url	https://usn.ubuntu.com/7338-1/

reference_url	https://usn.ubuntu.com/7339-1/
reference_id	USN-7339-1
reference_type
scores
url	https://usn.ubuntu.com/7339-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2024-21235

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6196-gvhx-ruh8

url VCID-6r1k-8y1c-q7fm

vulnerability_id VCID-6r1k-8y1c-q7fm

summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 2.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22007.json

reference_id

reference_type

scores

value	2.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22007.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-22007

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01704
published_at	2026-04-24T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01698
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-22007

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22007
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22007

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id	1134894
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2460038
reference_id	2460038
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2460038

reference_url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_id

cpuapr2026.html

reference_type

scores

value	2.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:05:16Z/

url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_url	https://access.redhat.com/errata/RHSA-2026:11403
reference_id	RHSA-2026:11403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:11403

reference_url	https://access.redhat.com/errata/RHSA-2026:9254
reference_id	RHSA-2026:9254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9254

reference_url	https://access.redhat.com/errata/RHSA-2026:9255
reference_id	RHSA-2026:9255
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9255

reference_url	https://access.redhat.com/errata/RHSA-2026:9256
reference_id	RHSA-2026:9256
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9256

reference_url	https://access.redhat.com/errata/RHSA-2026:9682
reference_id	RHSA-2026:9682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9682

reference_url	https://access.redhat.com/errata/RHSA-2026:9683
reference_id	RHSA-2026:9683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9683

reference_url	https://access.redhat.com/errata/RHSA-2026:9684
reference_id	RHSA-2026:9684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9684

reference_url	https://access.redhat.com/errata/RHSA-2026:9685
reference_id	RHSA-2026:9685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9685

reference_url	https://access.redhat.com/errata/RHSA-2026:9686
reference_id	RHSA-2026:9686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9686

reference_url	https://access.redhat.com/errata/RHSA-2026:9687
reference_id	RHSA-2026:9687
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9687

reference_url	https://access.redhat.com/errata/RHSA-2026:9688
reference_id	RHSA-2026:9688
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9688

reference_url	https://access.redhat.com/errata/RHSA-2026:9689
reference_id	RHSA-2026:9689
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9689

reference_url	https://access.redhat.com/errata/RHSA-2026:9690
reference_id	RHSA-2026:9690
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9690

reference_url	https://access.redhat.com/errata/RHSA-2026:9691
reference_id	RHSA-2026:9691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9691

reference_url	https://access.redhat.com/errata/RHSA-2026:9693
reference_id	RHSA-2026:9693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9693

reference_url	https://access.redhat.com/errata/RHSA-2026:9694
reference_id	RHSA-2026:9694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9694

fixed_packages

url	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
purl	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1

aliases CVE-2026-22007

risk_score 1.3

exploitability 0.5

weighted_severity 2.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6r1k-8y1c-q7fm

url VCID-9n5v-4daz-eyc2

vulnerability_id VCID-9n5v-4daz-eyc2

summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21217

reference_id

reference_type

scores

value	0.00096
scoring_system	epss
scoring_elements	0.26487
published_at	2026-04-26T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26589
published_at	2026-04-18T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26551
published_at	2026-04-21T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26493
published_at	2026-04-24T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26767
published_at	2026-04-02T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26807
published_at	2026-04-04T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26591
published_at	2026-04-07T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26658
published_at	2026-04-08T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26708
published_at	2026-04-09T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26713
published_at	2026-04-11T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26668
published_at	2026-04-12T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26611
published_at	2026-04-13T12:55:00Z

value	0.00096
scoring_system	epss
scoring_elements	0.26618
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21217

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696
reference_id	1085696
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2318530
reference_id	2318530
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2318530

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15::::enterprise:::
reference_id	cpe:2.3:a:oracle:graalvm:20.3.15::::enterprise:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15::::enterprise:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11::::enterprise:::
reference_id	cpe:2.3:a:oracle:graalvm:21.3.11::::enterprise:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11::::enterprise:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:::::::*
reference_id	cpe:2.3:a:oracle:java_se:11.0.24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:::::::*
reference_id	cpe:2.3:a:oracle:java_se:17.0.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:::::::*
reference_id	cpe:2.3:a:oracle:java_se:21.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:::::::*
reference_id	cpe:2.3:a:oracle:java_se:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:::::::*
reference_id	cpe:2.3:a:oracle:java_se:8u421:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::
reference_id	cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url	https://access.redhat.com/errata/RHSA-2024:10926
reference_id	RHSA-2024:10926
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10926

reference_url	https://access.redhat.com/errata/RHSA-2024:8116
reference_id	RHSA-2024:8116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8116

reference_url	https://access.redhat.com/errata/RHSA-2024:8117
reference_id	RHSA-2024:8117
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8117

reference_url	https://access.redhat.com/errata/RHSA-2024:8118
reference_id	RHSA-2024:8118
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8118

reference_url	https://access.redhat.com/errata/RHSA-2024:8119
reference_id	RHSA-2024:8119
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8119

reference_url	https://access.redhat.com/errata/RHSA-2024:8120
reference_id	RHSA-2024:8120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8120

reference_url	https://access.redhat.com/errata/RHSA-2024:8121
reference_id	RHSA-2024:8121
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8121

reference_url	https://access.redhat.com/errata/RHSA-2024:8122
reference_id	RHSA-2024:8122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8122

reference_url	https://access.redhat.com/errata/RHSA-2024:8123
reference_id	RHSA-2024:8123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8123

reference_url	https://access.redhat.com/errata/RHSA-2024:8124
reference_id	RHSA-2024:8124
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8124

reference_url	https://access.redhat.com/errata/RHSA-2024:8125
reference_id	RHSA-2024:8125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8125

reference_url	https://access.redhat.com/errata/RHSA-2024:8126
reference_id	RHSA-2024:8126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8126

reference_url	https://access.redhat.com/errata/RHSA-2024:8127
reference_id	RHSA-2024:8127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8127

reference_url	https://access.redhat.com/errata/RHSA-2024:8128
reference_id	RHSA-2024:8128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8128

reference_url	https://access.redhat.com/errata/RHSA-2024:8129
reference_id	RHSA-2024:8129
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8129

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

reference_url	https://usn.ubuntu.com/7097-1/
reference_id	USN-7097-1
reference_type
scores
url	https://usn.ubuntu.com/7097-1/

reference_url	https://usn.ubuntu.com/7098-1/
reference_id	USN-7098-1
reference_type
scores
url	https://usn.ubuntu.com/7098-1/

reference_url	https://usn.ubuntu.com/7099-1/
reference_id	USN-7099-1
reference_type
scores
url	https://usn.ubuntu.com/7099-1/

reference_url	https://usn.ubuntu.com/7124-1/
reference_id	USN-7124-1
reference_type
scores
url	https://usn.ubuntu.com/7124-1/

reference_url	https://usn.ubuntu.com/7338-1/
reference_id	USN-7338-1
reference_type
scores
url	https://usn.ubuntu.com/7338-1/

reference_url	https://usn.ubuntu.com/7339-1/
reference_id	USN-7339-1
reference_type
scores
url	https://usn.ubuntu.com/7339-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2024-21217

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9n5v-4daz-eyc2

url VCID-apsn-z1br-3bdy

vulnerability_id VCID-apsn-z1br-3bdy

summary openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-21945

reference_id

reference_type

scores

value	0.00053
scoring_system	epss
scoring_elements	0.16874
published_at	2026-04-02T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16604
published_at	2026-04-26T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16672
published_at	2026-04-18T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16709
published_at	2026-04-21T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16615
published_at	2026-04-24T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.1693
published_at	2026-04-04T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16714
published_at	2026-04-07T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16799
published_at	2026-04-08T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16854
published_at	2026-04-09T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16832
published_at	2026-04-11T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16786
published_at	2026-04-12T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16728
published_at	2026-04-13T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16664
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-21945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119
reference_id	1126119
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2429927
reference_id	2429927
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2429927

reference_url

https://www.oracle.com/security-alerts/cpujan2026.html

reference_id

cpujan2026.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:04:39Z/

url

https://www.oracle.com/security-alerts/cpujan2026.html

reference_url	https://access.redhat.com/errata/RHSA-2026:0847
reference_id	RHSA-2026:0847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0847

reference_url	https://access.redhat.com/errata/RHSA-2026:0848
reference_id	RHSA-2026:0848
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0848

reference_url	https://access.redhat.com/errata/RHSA-2026:0849
reference_id	RHSA-2026:0849
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0849

reference_url	https://access.redhat.com/errata/RHSA-2026:0895
reference_id	RHSA-2026:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0895

reference_url	https://access.redhat.com/errata/RHSA-2026:0896
reference_id	RHSA-2026:0896
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0896

reference_url	https://access.redhat.com/errata/RHSA-2026:0897
reference_id	RHSA-2026:0897
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0897

reference_url	https://access.redhat.com/errata/RHSA-2026:0898
reference_id	RHSA-2026:0898
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0898

reference_url	https://access.redhat.com/errata/RHSA-2026:0899
reference_id	RHSA-2026:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0899

reference_url	https://access.redhat.com/errata/RHSA-2026:0900
reference_id	RHSA-2026:0900
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0900

reference_url	https://access.redhat.com/errata/RHSA-2026:0901
reference_id	RHSA-2026:0901
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0901

reference_url	https://access.redhat.com/errata/RHSA-2026:0927
reference_id	RHSA-2026:0927
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0927

reference_url	https://access.redhat.com/errata/RHSA-2026:0928
reference_id	RHSA-2026:0928
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0928

reference_url	https://access.redhat.com/errata/RHSA-2026:0931
reference_id	RHSA-2026:0931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0931

reference_url	https://access.redhat.com/errata/RHSA-2026:0932
reference_id	RHSA-2026:0932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0932

reference_url	https://access.redhat.com/errata/RHSA-2026:0933
reference_id	RHSA-2026:0933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0933

reference_url	https://access.redhat.com/errata/RHSA-2026:1606
reference_id	RHSA-2026:1606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1606

reference_url	https://access.redhat.com/errata/RHSA-2026:4832
reference_id	RHSA-2026:4832
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4832

reference_url	https://usn.ubuntu.com/7995-1/
reference_id	USN-7995-1
reference_type
scores
url	https://usn.ubuntu.com/7995-1/

reference_url	https://usn.ubuntu.com/7996-1/
reference_id	USN-7996-1
reference_type
scores
url	https://usn.ubuntu.com/7996-1/

reference_url	https://usn.ubuntu.com/7997-1/
reference_id	USN-7997-1
reference_type
scores
url	https://usn.ubuntu.com/7997-1/

reference_url	https://usn.ubuntu.com/7998-1/
reference_id	USN-7998-1
reference_type
scores
url	https://usn.ubuntu.com/7998-1/

reference_url	https://usn.ubuntu.com/8000-1/
reference_id	USN-8000-1
reference_type
scores
url	https://usn.ubuntu.com/8000-1/

reference_url	https://usn.ubuntu.com/8001-1/
reference_id	USN-8001-1
reference_type
scores
url	https://usn.ubuntu.com/8001-1/

reference_url	https://usn.ubuntu.com/8002-1/
reference_id	USN-8002-1
reference_type
scores
url	https://usn.ubuntu.com/8002-1/

reference_url	https://usn.ubuntu.com/8003-1/
reference_id	USN-8003-1
reference_type
scores
url	https://usn.ubuntu.com/8003-1/

fixed_packages

url	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
purl	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1

aliases CVE-2026-21945

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-apsn-z1br-3bdy

url VCID-b32x-4pu4-jkh4

vulnerability_id VCID-b32x-4pu4-jkh4

summary openjdk: Better Glyph drawing (Oracle CPU 2025-07)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-30749

reference_id

reference_type

scores

value	0.00508
scoring_system	epss
scoring_elements	0.6625
published_at	2026-04-02T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66307
published_at	2026-04-09T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66277
published_at	2026-04-04T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66247
published_at	2026-04-07T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66294
published_at	2026-04-08T12:55:00Z

value	0.00521
scoring_system	epss
scoring_elements	0.66893
published_at	2026-04-21T12:55:00Z

value	0.00672
scoring_system	epss
scoring_elements	0.71446
published_at	2026-04-26T12:55:00Z

value	0.00672
scoring_system	epss
scoring_elements	0.71388
published_at	2026-04-11T12:55:00Z

value	0.00672
scoring_system	epss
scoring_elements	0.71372
published_at	2026-04-12T12:55:00Z

value	0.00672
scoring_system	epss
scoring_elements	0.71439
published_at	2026-04-24T12:55:00Z

value	0.00672
scoring_system	epss
scoring_elements	0.71401
published_at	2026-04-16T12:55:00Z

value	0.00672
scoring_system	epss
scoring_elements	0.71407
published_at	2026-04-18T12:55:00Z

value	0.00672
scoring_system	epss
scoring_elements	0.71355
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-30749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2376783
reference_id	2376783
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2376783

reference_url

https://www.oracle.com/security-alerts/cpujul2025.html

reference_id

cpujul2025.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:23:21Z/

url

https://www.oracle.com/security-alerts/cpujul2025.html

reference_url	https://access.redhat.com/errata/RHSA-2025:10861
reference_id	RHSA-2025:10861
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10861

reference_url	https://access.redhat.com/errata/RHSA-2025:10862
reference_id	RHSA-2025:10862
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10862

reference_url	https://access.redhat.com/errata/RHSA-2025:10863
reference_id	RHSA-2025:10863
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10863

reference_url	https://access.redhat.com/errata/RHSA-2025:10864
reference_id	RHSA-2025:10864
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10864

reference_url	https://access.redhat.com/errata/RHSA-2025:10865
reference_id	RHSA-2025:10865
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10865

reference_url	https://access.redhat.com/errata/RHSA-2025:10866
reference_id	RHSA-2025:10866
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10866

reference_url	https://access.redhat.com/errata/RHSA-2025:10867
reference_id	RHSA-2025:10867
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10867

reference_url	https://access.redhat.com/errata/RHSA-2025:10868
reference_id	RHSA-2025:10868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10868

reference_url	https://access.redhat.com/errata/RHSA-2025:10869
reference_id	RHSA-2025:10869
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10869

reference_url	https://access.redhat.com/errata/RHSA-2025:10870
reference_id	RHSA-2025:10870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10870

reference_url	https://access.redhat.com/errata/RHSA-2025:10873
reference_id	RHSA-2025:10873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10873

reference_url	https://access.redhat.com/errata/RHSA-2025:10874
reference_id	RHSA-2025:10874
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10874

reference_url	https://access.redhat.com/errata/RHSA-2025:10875
reference_id	RHSA-2025:10875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10875

reference_url	https://access.redhat.com/errata/RHSA-2025:13656
reference_id	RHSA-2025:13656
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13656

reference_url	https://access.redhat.com/errata/RHSA-2025:13675
reference_id	RHSA-2025:13675
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13675

reference_url	https://access.redhat.com/errata/RHSA-2026:0934
reference_id	RHSA-2026:0934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0934

reference_url	https://usn.ubuntu.com/7667-1/
reference_id	USN-7667-1
reference_type
scores
url	https://usn.ubuntu.com/7667-1/

reference_url	https://usn.ubuntu.com/7668-1/
reference_id	USN-7668-1
reference_type
scores
url	https://usn.ubuntu.com/7668-1/

reference_url	https://usn.ubuntu.com/7669-1/
reference_id	USN-7669-1
reference_type
scores
url	https://usn.ubuntu.com/7669-1/

reference_url	https://usn.ubuntu.com/7672-1/
reference_id	USN-7672-1
reference_type
scores
url	https://usn.ubuntu.com/7672-1/

reference_url	https://usn.ubuntu.com/7673-1/
reference_id	USN-7673-1
reference_type
scores
url	https://usn.ubuntu.com/7673-1/

reference_url	https://usn.ubuntu.com/7674-1/
reference_id	USN-7674-1
reference_type
scores
url	https://usn.ubuntu.com/7674-1/

reference_url	https://usn.ubuntu.com/7690-1/
reference_id	USN-7690-1
reference_type
scores
url	https://usn.ubuntu.com/7690-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2025-30749

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b32x-4pu4-jkh4

url VCID-duy9-6f1p-vqah

vulnerability_id VCID-duy9-6f1p-vqah

summary openjdk: Enhance Handling of URIs (Oracle CPU 2026-01)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-21932

reference_id

reference_type

scores

value	0.00032
scoring_system	epss
scoring_elements	0.09259
published_at	2026-04-02T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09361
published_at	2026-04-26T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09204
published_at	2026-04-18T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09355
published_at	2026-04-21T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09406
published_at	2026-04-24T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.0931
published_at	2026-04-04T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09227
published_at	2026-04-07T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09302
published_at	2026-04-08T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09346
published_at	2026-04-09T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09356
published_at	2026-04-11T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09328
published_at	2026-04-12T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09314
published_at	2026-04-13T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09205
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-21932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119
reference_id	1126119
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2429925
reference_id	2429925
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2429925

reference_url

https://www.oracle.com/security-alerts/cpujan2026.html

reference_id

cpujan2026.html

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:55:36Z/

url

https://www.oracle.com/security-alerts/cpujan2026.html

reference_url	https://access.redhat.com/errata/RHSA-2026:0849
reference_id	RHSA-2026:0849
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0849

reference_url	https://access.redhat.com/errata/RHSA-2026:0896
reference_id	RHSA-2026:0896
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0896

reference_url	https://access.redhat.com/errata/RHSA-2026:0898
reference_id	RHSA-2026:0898
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0898

reference_url	https://access.redhat.com/errata/RHSA-2026:0900
reference_id	RHSA-2026:0900
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0900

reference_url	https://access.redhat.com/errata/RHSA-2026:1606
reference_id	RHSA-2026:1606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1606

reference_url	https://usn.ubuntu.com/7995-1/
reference_id	USN-7995-1
reference_type
scores
url	https://usn.ubuntu.com/7995-1/

reference_url	https://usn.ubuntu.com/7996-1/
reference_id	USN-7996-1
reference_type
scores
url	https://usn.ubuntu.com/7996-1/

reference_url	https://usn.ubuntu.com/7997-1/
reference_id	USN-7997-1
reference_type
scores
url	https://usn.ubuntu.com/7997-1/

reference_url	https://usn.ubuntu.com/7998-1/
reference_id	USN-7998-1
reference_type
scores
url	https://usn.ubuntu.com/7998-1/

reference_url	https://usn.ubuntu.com/8000-1/
reference_id	USN-8000-1
reference_type
scores
url	https://usn.ubuntu.com/8000-1/

reference_url	https://usn.ubuntu.com/8001-1/
reference_id	USN-8001-1
reference_type
scores
url	https://usn.ubuntu.com/8001-1/

reference_url	https://usn.ubuntu.com/8002-1/
reference_id	USN-8002-1
reference_type
scores
url	https://usn.ubuntu.com/8002-1/

reference_url	https://usn.ubuntu.com/8003-1/
reference_id	USN-8003-1
reference_type
scores
url	https://usn.ubuntu.com/8003-1/

fixed_packages

url	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
purl	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1

aliases CVE-2026-21932

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-duy9-6f1p-vqah

url VCID-e6dm-6767-9kdk

vulnerability_id VCID-e6dm-6767-9kdk

summary openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-50059

reference_id

reference_type

scores

value	0.00128
scoring_system	epss
scoring_elements	0.32274
published_at	2026-04-02T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32212
published_at	2026-04-09T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32311
published_at	2026-04-04T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32136
published_at	2026-04-07T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32185
published_at	2026-04-08T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32589
published_at	2026-04-21T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32317
published_at	2026-04-26T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32641
published_at	2026-04-16T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32619
published_at	2026-04-18T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32433
published_at	2026-04-24T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32669
published_at	2026-04-11T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32631
published_at	2026-04-12T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32603
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-50059

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2376785
reference_id	2376785
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2376785

reference_url

https://www.oracle.com/security-alerts/cpujul2025.html

reference_id

cpujul2025.html

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-16T14:42:42Z/

url

https://www.oracle.com/security-alerts/cpujul2025.html

reference_url	https://access.redhat.com/errata/RHSA-2025:10865
reference_id	RHSA-2025:10865
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10865

reference_url	https://access.redhat.com/errata/RHSA-2025:10866
reference_id	RHSA-2025:10866
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10866

reference_url	https://access.redhat.com/errata/RHSA-2025:10867
reference_id	RHSA-2025:10867
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10867

reference_url	https://access.redhat.com/errata/RHSA-2025:10868
reference_id	RHSA-2025:10868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10868

reference_url	https://access.redhat.com/errata/RHSA-2025:10869
reference_id	RHSA-2025:10869
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10869

reference_url	https://access.redhat.com/errata/RHSA-2025:10870
reference_id	RHSA-2025:10870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10870

reference_url	https://access.redhat.com/errata/RHSA-2025:10873
reference_id	RHSA-2025:10873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10873

reference_url	https://access.redhat.com/errata/RHSA-2025:10874
reference_id	RHSA-2025:10874
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10874

reference_url	https://access.redhat.com/errata/RHSA-2025:10875
reference_id	RHSA-2025:10875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10875

reference_url	https://access.redhat.com/errata/RHSA-2025:13656
reference_id	RHSA-2025:13656
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13656

reference_url	https://access.redhat.com/errata/RHSA-2026:0934
reference_id	RHSA-2026:0934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0934

reference_url	https://usn.ubuntu.com/7668-1/
reference_id	USN-7668-1
reference_type
scores
url	https://usn.ubuntu.com/7668-1/

reference_url	https://usn.ubuntu.com/7669-1/
reference_id	USN-7669-1
reference_type
scores
url	https://usn.ubuntu.com/7669-1/

reference_url	https://usn.ubuntu.com/7672-1/
reference_id	USN-7672-1
reference_type
scores
url	https://usn.ubuntu.com/7672-1/

reference_url	https://usn.ubuntu.com/7673-1/
reference_id	USN-7673-1
reference_type
scores
url	https://usn.ubuntu.com/7673-1/

reference_url	https://usn.ubuntu.com/7674-1/
reference_id	USN-7674-1
reference_type
scores
url	https://usn.ubuntu.com/7674-1/

reference_url	https://usn.ubuntu.com/7690-1/
reference_id	USN-7690-1
reference_type
scores
url	https://usn.ubuntu.com/7690-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2025-50059

risk_score 3.9

exploitability 0.5

weighted_severity 7.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e6dm-6767-9kdk

url VCID-jxgd-j4wr-tyb7

vulnerability_id VCID-jxgd-j4wr-tyb7

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34268.json

reference_id

reference_type

scores

value	2.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34268.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-34268

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01704
published_at	2026-04-24T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01698
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-34268

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34268
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34268

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	2.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id	1134894
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2460043
reference_id	2460043
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2460043

reference_url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_id

cpuapr2026.html

reference_type

scores

value	2.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:55:07Z/

url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_url	https://access.redhat.com/errata/RHSA-2026:11403
reference_id	RHSA-2026:11403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:11403

reference_url	https://access.redhat.com/errata/RHSA-2026:9254
reference_id	RHSA-2026:9254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9254

reference_url	https://access.redhat.com/errata/RHSA-2026:9255
reference_id	RHSA-2026:9255
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9255

reference_url	https://access.redhat.com/errata/RHSA-2026:9256
reference_id	RHSA-2026:9256
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9256

reference_url	https://access.redhat.com/errata/RHSA-2026:9682
reference_id	RHSA-2026:9682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9682

reference_url	https://access.redhat.com/errata/RHSA-2026:9683
reference_id	RHSA-2026:9683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9683

reference_url	https://access.redhat.com/errata/RHSA-2026:9684
reference_id	RHSA-2026:9684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9684

reference_url	https://access.redhat.com/errata/RHSA-2026:9685
reference_id	RHSA-2026:9685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9685

reference_url	https://access.redhat.com/errata/RHSA-2026:9686
reference_id	RHSA-2026:9686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9686

reference_url	https://access.redhat.com/errata/RHSA-2026:9687
reference_id	RHSA-2026:9687
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9687

reference_url	https://access.redhat.com/errata/RHSA-2026:9688
reference_id	RHSA-2026:9688
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9688

reference_url	https://access.redhat.com/errata/RHSA-2026:9689
reference_id	RHSA-2026:9689
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9689

reference_url	https://access.redhat.com/errata/RHSA-2026:9690
reference_id	RHSA-2026:9690
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9690

reference_url	https://access.redhat.com/errata/RHSA-2026:9691
reference_id	RHSA-2026:9691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9691

reference_url	https://access.redhat.com/errata/RHSA-2026:9693
reference_id	RHSA-2026:9693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9693

reference_url	https://access.redhat.com/errata/RHSA-2026:9694
reference_id	RHSA-2026:9694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9694

fixed_packages

url	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
purl	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1

aliases CVE-2026-34268

risk_score 1.3

exploitability 0.5

weighted_severity 2.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxgd-j4wr-tyb7

url VCID-mt9c-tby1-wqe9

vulnerability_id VCID-mt9c-tby1-wqe9

summary openjdk: Improve JMX connections (Oracle CPU 2026-01)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-21925

reference_id

reference_type

scores

value	0.00035
scoring_system	epss
scoring_elements	0.10163
published_at	2026-04-02T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10172
published_at	2026-04-26T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10082
published_at	2026-04-18T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10215
published_at	2026-04-21T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10194
published_at	2026-04-24T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10229
published_at	2026-04-04T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10125
published_at	2026-04-07T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.102
published_at	2026-04-08T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.1026
published_at	2026-04-09T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10292
published_at	2026-04-11T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10251
published_at	2026-04-12T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10232
published_at	2026-04-13T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10104
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-21925

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119
reference_id	1126119
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2429924
reference_id	2429924
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2429924

reference_url

https://www.oracle.com/security-alerts/cpujan2026.html

reference_id

cpujan2026.html

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:50:27Z/

url

https://www.oracle.com/security-alerts/cpujan2026.html

reference_url	https://access.redhat.com/errata/RHSA-2026:0847
reference_id	RHSA-2026:0847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0847

reference_url	https://access.redhat.com/errata/RHSA-2026:0848
reference_id	RHSA-2026:0848
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0848

reference_url	https://access.redhat.com/errata/RHSA-2026:0849
reference_id	RHSA-2026:0849
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0849

reference_url	https://access.redhat.com/errata/RHSA-2026:0895
reference_id	RHSA-2026:0895
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0895

reference_url	https://access.redhat.com/errata/RHSA-2026:0896
reference_id	RHSA-2026:0896
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0896

reference_url	https://access.redhat.com/errata/RHSA-2026:0897
reference_id	RHSA-2026:0897
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0897

reference_url	https://access.redhat.com/errata/RHSA-2026:0898
reference_id	RHSA-2026:0898
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0898

reference_url	https://access.redhat.com/errata/RHSA-2026:0899
reference_id	RHSA-2026:0899
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0899

reference_url	https://access.redhat.com/errata/RHSA-2026:0900
reference_id	RHSA-2026:0900
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0900

reference_url	https://access.redhat.com/errata/RHSA-2026:0901
reference_id	RHSA-2026:0901
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0901

reference_url	https://access.redhat.com/errata/RHSA-2026:0927
reference_id	RHSA-2026:0927
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0927

reference_url	https://access.redhat.com/errata/RHSA-2026:0928
reference_id	RHSA-2026:0928
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0928

reference_url	https://access.redhat.com/errata/RHSA-2026:0931
reference_id	RHSA-2026:0931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0931

reference_url	https://access.redhat.com/errata/RHSA-2026:0932
reference_id	RHSA-2026:0932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0932

reference_url	https://access.redhat.com/errata/RHSA-2026:0933
reference_id	RHSA-2026:0933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0933

reference_url	https://access.redhat.com/errata/RHSA-2026:1606
reference_id	RHSA-2026:1606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1606

reference_url	https://access.redhat.com/errata/RHSA-2026:4832
reference_id	RHSA-2026:4832
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4832

reference_url	https://usn.ubuntu.com/7995-1/
reference_id	USN-7995-1
reference_type
scores
url	https://usn.ubuntu.com/7995-1/

reference_url	https://usn.ubuntu.com/7996-1/
reference_id	USN-7996-1
reference_type
scores
url	https://usn.ubuntu.com/7996-1/

reference_url	https://usn.ubuntu.com/7997-1/
reference_id	USN-7997-1
reference_type
scores
url	https://usn.ubuntu.com/7997-1/

reference_url	https://usn.ubuntu.com/7998-1/
reference_id	USN-7998-1
reference_type
scores
url	https://usn.ubuntu.com/7998-1/

reference_url	https://usn.ubuntu.com/8000-1/
reference_id	USN-8000-1
reference_type
scores
url	https://usn.ubuntu.com/8000-1/

reference_url	https://usn.ubuntu.com/8001-1/
reference_id	USN-8001-1
reference_type
scores
url	https://usn.ubuntu.com/8001-1/

reference_url	https://usn.ubuntu.com/8002-1/
reference_id	USN-8002-1
reference_type
scores
url	https://usn.ubuntu.com/8002-1/

reference_url	https://usn.ubuntu.com/8003-1/
reference_id	USN-8003-1
reference_type
scores
url	https://usn.ubuntu.com/8003-1/

fixed_packages

url	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
purl	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1

aliases CVE-2026-21925

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mt9c-tby1-wqe9

url VCID-ntga-y6cv-a3df

vulnerability_id VCID-ntga-y6cv-a3df

summary openjdk: Enhance array handling (Oracle CPU 2025-01)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-21502

reference_id

reference_type

scores

value	0.002
scoring_system	epss
scoring_elements	0.42064
published_at	2026-04-02T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.41942
published_at	2026-04-26T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42078
published_at	2026-04-18T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42008
published_at	2026-04-21T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.41948
published_at	2026-04-24T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42092
published_at	2026-04-04T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42029
published_at	2026-04-07T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42081
published_at	2026-04-08T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42094
published_at	2026-04-09T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42116
published_at	2026-04-11T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42079
published_at	2026-04-12T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42054
published_at	2026-04-13T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42104
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-21502

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2338992
reference_id	2338992
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2338992

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16::::enterprise:::
reference_id	cpe:2.3:a:oracle:graalvm:20.3.16::::enterprise:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16::::enterprise:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12::::enterprise:::
reference_id	cpe:2.3:a:oracle:graalvm:21.3.12::::enterprise:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12::::enterprise:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:::::::*
reference_id	cpe:2.3:a:oracle:java_se:11.0.25:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:::::::*
reference_id	cpe:2.3:a:oracle:java_se:17.0.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:::::::*
reference_id	cpe:2.3:a:oracle:java_se:21.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:::::::*
reference_id	cpe:2.3:a:oracle:java_se:23.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431::::enterprise_performance:::
reference_id	cpe:2.3:a:oracle:java_se:8u431::::enterprise_performance:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431::::enterprise_performance:::

reference_url

https://www.oracle.com/security-alerts/cpujan2025.html

reference_id

cpujan2025.html

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T16:29:12Z/

url

https://www.oracle.com/security-alerts/cpujan2025.html

reference_url	https://access.redhat.com/errata/RHSA-2025:0421
reference_id	RHSA-2025:0421
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0421

reference_url	https://access.redhat.com/errata/RHSA-2025:0422
reference_id	RHSA-2025:0422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0422

reference_url	https://access.redhat.com/errata/RHSA-2025:0423
reference_id	RHSA-2025:0423
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0423

reference_url	https://access.redhat.com/errata/RHSA-2025:0424
reference_id	RHSA-2025:0424
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0424

reference_url	https://access.redhat.com/errata/RHSA-2025:0425
reference_id	RHSA-2025:0425
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0425

reference_url	https://access.redhat.com/errata/RHSA-2025:0426
reference_id	RHSA-2025:0426
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0426

reference_url	https://access.redhat.com/errata/RHSA-2025:0427
reference_id	RHSA-2025:0427
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0427

reference_url	https://access.redhat.com/errata/RHSA-2025:0428
reference_id	RHSA-2025:0428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0428

reference_url	https://access.redhat.com/errata/RHSA-2025:0429
reference_id	RHSA-2025:0429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0429

reference_url	https://access.redhat.com/errata/RHSA-2025:1154
reference_id	RHSA-2025:1154
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1154

reference_url	https://access.redhat.com/errata/RHSA-2025:2615
reference_id	RHSA-2025:2615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2615

reference_url	https://usn.ubuntu.com/7252-1/
reference_id	USN-7252-1
reference_type
scores
url	https://usn.ubuntu.com/7252-1/

reference_url	https://usn.ubuntu.com/7253-1/
reference_id	USN-7253-1
reference_type
scores
url	https://usn.ubuntu.com/7253-1/

reference_url	https://usn.ubuntu.com/7254-1/
reference_id	USN-7254-1
reference_type
scores
url	https://usn.ubuntu.com/7254-1/

reference_url	https://usn.ubuntu.com/7255-1/
reference_id	USN-7255-1
reference_type
scores
url	https://usn.ubuntu.com/7255-1/

reference_url	https://usn.ubuntu.com/7338-1/
reference_id	USN-7338-1
reference_type
scores
url	https://usn.ubuntu.com/7338-1/

reference_url	https://usn.ubuntu.com/7339-1/
reference_id	USN-7339-1
reference_type
scores
url	https://usn.ubuntu.com/7339-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2025-21502

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ntga-y6cv-a3df

url VCID-nxx8-nehy-qyhg

vulnerability_id VCID-nxx8-nehy-qyhg

summary openjdk: Enhance Path Factories (Oracle CPU 2025-10)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-53066

reference_id

reference_type

scores

value	0.00055
scoring_system	epss
scoring_elements	0.17286
published_at	2026-04-02T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17002
published_at	2026-04-26T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17078
published_at	2026-04-18T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17113
published_at	2026-04-21T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17019
published_at	2026-04-24T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17335
published_at	2026-04-04T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17115
published_at	2026-04-07T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17207
published_at	2026-04-08T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17263
published_at	2026-04-09T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17241
published_at	2026-04-11T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17193
published_at	2026-04-12T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17132
published_at	2026-04-13T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17073
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-53066

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944
reference_id	1118944
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2403063
reference_id	2403063
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2403063

reference_url

https://www.oracle.com/security-alerts/cpuoct2025.html

reference_id

cpuoct2025.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T19:44:34Z/

url

https://www.oracle.com/security-alerts/cpuoct2025.html

reference_url	https://access.redhat.com/errata/RHSA-2025:18814
reference_id	RHSA-2025:18814
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18814

reference_url	https://access.redhat.com/errata/RHSA-2025:18815
reference_id	RHSA-2025:18815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18815

reference_url	https://access.redhat.com/errata/RHSA-2025:18816
reference_id	RHSA-2025:18816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18816

reference_url	https://access.redhat.com/errata/RHSA-2025:18817
reference_id	RHSA-2025:18817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18817

reference_url	https://access.redhat.com/errata/RHSA-2025:18818
reference_id	RHSA-2025:18818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18818

reference_url	https://access.redhat.com/errata/RHSA-2025:18819
reference_id	RHSA-2025:18819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18819

reference_url	https://access.redhat.com/errata/RHSA-2025:18820
reference_id	RHSA-2025:18820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18820

reference_url	https://access.redhat.com/errata/RHSA-2025:18821
reference_id	RHSA-2025:18821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18821

reference_url	https://access.redhat.com/errata/RHSA-2025:18822
reference_id	RHSA-2025:18822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18822

reference_url	https://access.redhat.com/errata/RHSA-2025:18823
reference_id	RHSA-2025:18823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18823

reference_url	https://access.redhat.com/errata/RHSA-2025:18824
reference_id	RHSA-2025:18824
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18824

reference_url	https://access.redhat.com/errata/RHSA-2025:18825
reference_id	RHSA-2025:18825
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18825

reference_url	https://access.redhat.com/errata/RHSA-2025:18826
reference_id	RHSA-2025:18826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18826

reference_url	https://access.redhat.com/errata/RHSA-2025:21485
reference_id	RHSA-2025:21485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:21485

reference_url	https://access.redhat.com/errata/RHSA-2025:22370
reference_id	RHSA-2025:22370
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22370

reference_url	https://access.redhat.com/errata/RHSA-2025:22672
reference_id	RHSA-2025:22672
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22672

reference_url	https://usn.ubuntu.com/7881-1/
reference_id	USN-7881-1
reference_type
scores
url	https://usn.ubuntu.com/7881-1/

reference_url	https://usn.ubuntu.com/7882-1/
reference_id	USN-7882-1
reference_type
scores
url	https://usn.ubuntu.com/7882-1/

reference_url	https://usn.ubuntu.com/7883-1/
reference_id	USN-7883-1
reference_type
scores
url	https://usn.ubuntu.com/7883-1/

reference_url	https://usn.ubuntu.com/7884-1/
reference_id	USN-7884-1
reference_type
scores
url	https://usn.ubuntu.com/7884-1/

reference_url	https://usn.ubuntu.com/7885-1/
reference_id	USN-7885-1
reference_type
scores
url	https://usn.ubuntu.com/7885-1/

reference_url	https://usn.ubuntu.com/7900-1/
reference_id	USN-7900-1
reference_type
scores
url	https://usn.ubuntu.com/7900-1/

reference_url	https://usn.ubuntu.com/7901-1/
reference_id	USN-7901-1
reference_type
scores
url	https://usn.ubuntu.com/7901-1/

reference_url	https://usn.ubuntu.com/7902-1/
reference_id	USN-7902-1
reference_type
scores
url	https://usn.ubuntu.com/7902-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2025-53066

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nxx8-nehy-qyhg

url VCID-p9na-7jta-9yg4

vulnerability_id VCID-p9na-7jta-9yg4

summary openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-30754

reference_id

reference_type

scores

value	0.0009
scoring_system	epss
scoring_elements	0.25474
published_at	2026-04-21T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.29988
published_at	2026-04-09T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.3003
published_at	2026-04-02T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.30077
published_at	2026-04-04T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.29891
published_at	2026-04-07T12:55:00Z

value	0.00114
scoring_system	epss
scoring_elements	0.29952
published_at	2026-04-08T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30194
published_at	2026-04-24T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30321
published_at	2026-04-16T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30304
published_at	2026-04-18T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30078
published_at	2026-04-26T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30396
published_at	2026-04-11T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30352
published_at	2026-04-12T12:55:00Z

value	0.00116
scoring_system	epss
scoring_elements	0.30305
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-30754

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2376784
reference_id	2376784
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2376784

reference_url

https://www.oracle.com/security-alerts/cpujul2025.html

reference_id

cpujul2025.html

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-16T15:31:20Z/

url

https://www.oracle.com/security-alerts/cpujul2025.html

reference_url	https://access.redhat.com/errata/RHSA-2025:10861
reference_id	RHSA-2025:10861
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10861

reference_url	https://access.redhat.com/errata/RHSA-2025:10862
reference_id	RHSA-2025:10862
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10862

reference_url	https://access.redhat.com/errata/RHSA-2025:10863
reference_id	RHSA-2025:10863
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10863

reference_url	https://access.redhat.com/errata/RHSA-2025:10864
reference_id	RHSA-2025:10864
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10864

reference_url	https://access.redhat.com/errata/RHSA-2025:10865
reference_id	RHSA-2025:10865
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10865

reference_url	https://access.redhat.com/errata/RHSA-2025:10866
reference_id	RHSA-2025:10866
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10866

reference_url	https://access.redhat.com/errata/RHSA-2025:10867
reference_id	RHSA-2025:10867
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10867

reference_url	https://access.redhat.com/errata/RHSA-2025:10868
reference_id	RHSA-2025:10868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10868

reference_url	https://access.redhat.com/errata/RHSA-2025:10869
reference_id	RHSA-2025:10869
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10869

reference_url	https://access.redhat.com/errata/RHSA-2025:10870
reference_id	RHSA-2025:10870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10870

reference_url	https://access.redhat.com/errata/RHSA-2025:10873
reference_id	RHSA-2025:10873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10873

reference_url	https://access.redhat.com/errata/RHSA-2025:10874
reference_id	RHSA-2025:10874
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10874

reference_url	https://access.redhat.com/errata/RHSA-2025:10875
reference_id	RHSA-2025:10875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10875

reference_url	https://access.redhat.com/errata/RHSA-2025:13656
reference_id	RHSA-2025:13656
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13656

reference_url	https://access.redhat.com/errata/RHSA-2025:13675
reference_id	RHSA-2025:13675
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13675

reference_url	https://usn.ubuntu.com/7667-1/
reference_id	USN-7667-1
reference_type
scores
url	https://usn.ubuntu.com/7667-1/

reference_url	https://usn.ubuntu.com/7668-1/
reference_id	USN-7668-1
reference_type
scores
url	https://usn.ubuntu.com/7668-1/

reference_url	https://usn.ubuntu.com/7669-1/
reference_id	USN-7669-1
reference_type
scores
url	https://usn.ubuntu.com/7669-1/

reference_url	https://usn.ubuntu.com/7672-1/
reference_id	USN-7672-1
reference_type
scores
url	https://usn.ubuntu.com/7672-1/

reference_url	https://usn.ubuntu.com/7673-1/
reference_id	USN-7673-1
reference_type
scores
url	https://usn.ubuntu.com/7673-1/

reference_url	https://usn.ubuntu.com/7674-1/
reference_id	USN-7674-1
reference_type
scores
url	https://usn.ubuntu.com/7674-1/

reference_url	https://usn.ubuntu.com/7690-1/
reference_id	USN-7690-1
reference_type
scores
url	https://usn.ubuntu.com/7690-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2025-30754

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p9na-7jta-9yg4

url VCID-sz6r-65q1-q3bh

vulnerability_id VCID-sz6r-65q1-q3bh

summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22021.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22021.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-22021

reference_id

reference_type

scores

value	0.00039
scoring_system	epss
scoring_elements	0.11666
published_at	2026-04-24T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11627
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-22021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22021

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id	1134894
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2460042
reference_id	2460042
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2460042

reference_url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_id

cpuapr2026.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:58:16Z/

url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_url	https://access.redhat.com/errata/RHSA-2026:11403
reference_id	RHSA-2026:11403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:11403

reference_url	https://access.redhat.com/errata/RHSA-2026:9254
reference_id	RHSA-2026:9254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9254

reference_url	https://access.redhat.com/errata/RHSA-2026:9255
reference_id	RHSA-2026:9255
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9255

reference_url	https://access.redhat.com/errata/RHSA-2026:9256
reference_id	RHSA-2026:9256
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9256

reference_url	https://access.redhat.com/errata/RHSA-2026:9682
reference_id	RHSA-2026:9682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9682

reference_url	https://access.redhat.com/errata/RHSA-2026:9683
reference_id	RHSA-2026:9683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9683

reference_url	https://access.redhat.com/errata/RHSA-2026:9684
reference_id	RHSA-2026:9684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9684

reference_url	https://access.redhat.com/errata/RHSA-2026:9685
reference_id	RHSA-2026:9685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9685

reference_url	https://access.redhat.com/errata/RHSA-2026:9686
reference_id	RHSA-2026:9686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9686

reference_url	https://access.redhat.com/errata/RHSA-2026:9687
reference_id	RHSA-2026:9687
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9687

reference_url	https://access.redhat.com/errata/RHSA-2026:9688
reference_id	RHSA-2026:9688
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9688

reference_url	https://access.redhat.com/errata/RHSA-2026:9689
reference_id	RHSA-2026:9689
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9689

reference_url	https://access.redhat.com/errata/RHSA-2026:9690
reference_id	RHSA-2026:9690
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9690

reference_url	https://access.redhat.com/errata/RHSA-2026:9691
reference_id	RHSA-2026:9691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9691

reference_url	https://access.redhat.com/errata/RHSA-2026:9693
reference_id	RHSA-2026:9693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9693

reference_url	https://access.redhat.com/errata/RHSA-2026:9694
reference_id	RHSA-2026:9694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9694

fixed_packages

url	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
purl	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1

aliases CVE-2026-22021

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sz6r-65q1-q3bh

url VCID-u81s-cs95-4yhx

vulnerability_id VCID-u81s-cs95-4yhx

summary openjdk: Better TLS connection support (Oracle CPU 2025-04)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-21587

reference_id

reference_type

scores

value	0.00575
scoring_system	epss
scoring_elements	0.687
published_at	2026-04-02T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.6883
published_at	2026-04-26T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68798
published_at	2026-04-18T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68776
published_at	2026-04-21T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68825
published_at	2026-04-24T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68718
published_at	2026-04-04T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68696
published_at	2026-04-07T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68748
published_at	2026-04-08T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68767
published_at	2026-04-09T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68789
published_at	2026-04-11T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68775
published_at	2026-04-12T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68746
published_at	2026-04-13T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68788
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-21587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897
reference_id	1103897
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898
reference_id	1103898
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899
reference_id	1103899
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900
reference_id	1103900
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2359695
reference_id	2359695
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2359695

reference_url

https://www.oracle.com/security-alerts/cpuapr2025.html

reference_id

cpuapr2025.html

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T03:55:41Z/

url

https://www.oracle.com/security-alerts/cpuapr2025.html

reference_url	https://access.redhat.com/errata/RHSA-2025:3844
reference_id	RHSA-2025:3844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3844

reference_url	https://access.redhat.com/errata/RHSA-2025:3845
reference_id	RHSA-2025:3845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3845

reference_url	https://access.redhat.com/errata/RHSA-2025:3846
reference_id	RHSA-2025:3846
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3846

reference_url	https://access.redhat.com/errata/RHSA-2025:3847
reference_id	RHSA-2025:3847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3847

reference_url	https://access.redhat.com/errata/RHSA-2025:3848
reference_id	RHSA-2025:3848
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3848

reference_url	https://access.redhat.com/errata/RHSA-2025:3849
reference_id	RHSA-2025:3849
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3849

reference_url	https://access.redhat.com/errata/RHSA-2025:3850
reference_id	RHSA-2025:3850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3850

reference_url	https://access.redhat.com/errata/RHSA-2025:3852
reference_id	RHSA-2025:3852
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3852

reference_url	https://access.redhat.com/errata/RHSA-2025:3853
reference_id	RHSA-2025:3853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3853

reference_url	https://access.redhat.com/errata/RHSA-2025:3854
reference_id	RHSA-2025:3854
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3854

reference_url	https://access.redhat.com/errata/RHSA-2025:3855
reference_id	RHSA-2025:3855
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3855

reference_url	https://access.redhat.com/errata/RHSA-2025:3856
reference_id	RHSA-2025:3856
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3856

reference_url	https://access.redhat.com/errata/RHSA-2025:3857
reference_id	RHSA-2025:3857
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3857

reference_url	https://access.redhat.com/errata/RHSA-2025:7508
reference_id	RHSA-2025:7508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7508

reference_url	https://access.redhat.com/errata/RHSA-2025:8063
reference_id	RHSA-2025:8063
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8063

reference_url	https://access.redhat.com/errata/RHSA-2025:8431
reference_id	RHSA-2025:8431
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8431

reference_url	https://usn.ubuntu.com/7480-1/
reference_id	USN-7480-1
reference_type
scores
url	https://usn.ubuntu.com/7480-1/

reference_url	https://usn.ubuntu.com/7481-1/
reference_id	USN-7481-1
reference_type
scores
url	https://usn.ubuntu.com/7481-1/

reference_url	https://usn.ubuntu.com/7482-1/
reference_id	USN-7482-1
reference_type
scores
url	https://usn.ubuntu.com/7482-1/

reference_url	https://usn.ubuntu.com/7483-1/
reference_id	USN-7483-1
reference_type
scores
url	https://usn.ubuntu.com/7483-1/

reference_url	https://usn.ubuntu.com/7484-1/
reference_id	USN-7484-1
reference_type
scores
url	https://usn.ubuntu.com/7484-1/

reference_url	https://usn.ubuntu.com/7531-1/
reference_id	USN-7531-1
reference_type
scores
url	https://usn.ubuntu.com/7531-1/

reference_url	https://usn.ubuntu.com/7533-1/
reference_id	USN-7533-1
reference_type
scores
url	https://usn.ubuntu.com/7533-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2025-21587

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u81s-cs95-4yhx

url VCID-vbw8-4j9f-eya5

vulnerability_id VCID-vbw8-4j9f-eya5

summary openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-50106

reference_id

reference_type

scores

value	0.00201
scoring_system	epss
scoring_elements	0.42096
published_at	2026-04-21T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46089
published_at	2026-04-09T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46067
published_at	2026-04-02T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46088
published_at	2026-04-04T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46035
published_at	2026-04-07T12:55:00Z

value	0.00232
scoring_system	epss
scoring_elements	0.46091
published_at	2026-04-08T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49246
published_at	2026-04-24T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49292
published_at	2026-04-16T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49288
published_at	2026-04-18T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49255
published_at	2026-04-26T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49267
published_at	2026-04-11T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.4924
published_at	2026-04-12T12:55:00Z

value	0.00259
scoring_system	epss
scoring_elements	0.49245
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-50106

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2379031
reference_id	2379031
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2379031

reference_url

https://www.oracle.com/security-alerts/cpujul2025.html

reference_id

cpujul2025.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:22:48Z/

url

https://www.oracle.com/security-alerts/cpujul2025.html

reference_url	https://access.redhat.com/errata/RHSA-2025:10861
reference_id	RHSA-2025:10861
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10861

reference_url	https://access.redhat.com/errata/RHSA-2025:10862
reference_id	RHSA-2025:10862
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10862

reference_url	https://access.redhat.com/errata/RHSA-2025:10863
reference_id	RHSA-2025:10863
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10863

reference_url	https://access.redhat.com/errata/RHSA-2025:10864
reference_id	RHSA-2025:10864
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10864

reference_url	https://access.redhat.com/errata/RHSA-2025:10865
reference_id	RHSA-2025:10865
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10865

reference_url	https://access.redhat.com/errata/RHSA-2025:10866
reference_id	RHSA-2025:10866
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10866

reference_url	https://access.redhat.com/errata/RHSA-2025:10867
reference_id	RHSA-2025:10867
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10867

reference_url	https://access.redhat.com/errata/RHSA-2025:10868
reference_id	RHSA-2025:10868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10868

reference_url	https://access.redhat.com/errata/RHSA-2025:10869
reference_id	RHSA-2025:10869
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10869

reference_url	https://access.redhat.com/errata/RHSA-2025:10870
reference_id	RHSA-2025:10870
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10870

reference_url	https://access.redhat.com/errata/RHSA-2025:10873
reference_id	RHSA-2025:10873
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10873

reference_url	https://access.redhat.com/errata/RHSA-2025:10874
reference_id	RHSA-2025:10874
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10874

reference_url	https://access.redhat.com/errata/RHSA-2025:10875
reference_id	RHSA-2025:10875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10875

reference_url	https://access.redhat.com/errata/RHSA-2025:13656
reference_id	RHSA-2025:13656
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13656

reference_url	https://access.redhat.com/errata/RHSA-2025:13675
reference_id	RHSA-2025:13675
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13675

reference_url	https://access.redhat.com/errata/RHSA-2026:0934
reference_id	RHSA-2026:0934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0934

reference_url	https://usn.ubuntu.com/7667-1/
reference_id	USN-7667-1
reference_type
scores
url	https://usn.ubuntu.com/7667-1/

reference_url	https://usn.ubuntu.com/7668-1/
reference_id	USN-7668-1
reference_type
scores
url	https://usn.ubuntu.com/7668-1/

reference_url	https://usn.ubuntu.com/7669-1/
reference_id	USN-7669-1
reference_type
scores
url	https://usn.ubuntu.com/7669-1/

reference_url	https://usn.ubuntu.com/7672-1/
reference_id	USN-7672-1
reference_type
scores
url	https://usn.ubuntu.com/7672-1/

reference_url	https://usn.ubuntu.com/7673-1/
reference_id	USN-7673-1
reference_type
scores
url	https://usn.ubuntu.com/7673-1/

reference_url	https://usn.ubuntu.com/7674-1/
reference_id	USN-7674-1
reference_type
scores
url	https://usn.ubuntu.com/7674-1/

reference_url	https://usn.ubuntu.com/7690-1/
reference_id	USN-7690-1
reference_type
scores
url	https://usn.ubuntu.com/7690-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2025-50106

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vbw8-4j9f-eya5

url VCID-vpnc-yu7r-bqb6

vulnerability_id VCID-vpnc-yu7r-bqb6

summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21208

reference_id

reference_type

scores

value	0.00054
scoring_system	epss
scoring_elements	0.16899
published_at	2026-04-26T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.16975
published_at	2026-04-18T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17012
published_at	2026-04-21T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.16915
published_at	2026-04-24T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.1719
published_at	2026-04-02T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17241
published_at	2026-04-04T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17021
published_at	2026-04-07T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17111
published_at	2026-04-08T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17169
published_at	2026-04-09T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17144
published_at	2026-04-11T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17096
published_at	2026-04-12T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.17036
published_at	2026-04-13T12:55:00Z

value	0.00054
scoring_system	epss
scoring_elements	0.16971
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21208

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696
reference_id	1085696
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2318526
reference_id	2318526
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2318526

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15::::enterprise:::
reference_id	cpe:2.3:a:oracle:graalvm:20.3.15::::enterprise:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15::::enterprise:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11::::enterprise:::
reference_id	cpe:2.3:a:oracle:graalvm:21.3.11::::enterprise:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11::::enterprise:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:::::::*
reference_id	cpe:2.3:a:oracle:graalvm_for_jdk:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:::::::*
reference_id	cpe:2.3:a:oracle:java_se:11.0.24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:::::::*
reference_id	cpe:2.3:a:oracle:java_se:17.0.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:::::::*
reference_id	cpe:2.3:a:oracle:java_se:21.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:::::::*
reference_id	cpe:2.3:a:oracle:java_se:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:::::::*
reference_id	cpe:2.3:a:oracle:java_se:8u421:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::
reference_id	cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url	https://access.redhat.com/errata/RHSA-2024:10926
reference_id	RHSA-2024:10926
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10926

reference_url	https://access.redhat.com/errata/RHSA-2024:8116
reference_id	RHSA-2024:8116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8116

reference_url	https://access.redhat.com/errata/RHSA-2024:8117
reference_id	RHSA-2024:8117
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8117

reference_url	https://access.redhat.com/errata/RHSA-2024:8118
reference_id	RHSA-2024:8118
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8118

reference_url	https://access.redhat.com/errata/RHSA-2024:8119
reference_id	RHSA-2024:8119
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8119

reference_url	https://access.redhat.com/errata/RHSA-2024:8120
reference_id	RHSA-2024:8120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8120

reference_url	https://access.redhat.com/errata/RHSA-2024:8121
reference_id	RHSA-2024:8121
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8121

reference_url	https://access.redhat.com/errata/RHSA-2024:8122
reference_id	RHSA-2024:8122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8122

reference_url	https://access.redhat.com/errata/RHSA-2024:8123
reference_id	RHSA-2024:8123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8123

reference_url	https://access.redhat.com/errata/RHSA-2024:8124
reference_id	RHSA-2024:8124
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8124

reference_url	https://access.redhat.com/errata/RHSA-2024:8125
reference_id	RHSA-2024:8125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8125

reference_url	https://access.redhat.com/errata/RHSA-2024:8126
reference_id	RHSA-2024:8126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8126

reference_url	https://access.redhat.com/errata/RHSA-2024:8127
reference_id	RHSA-2024:8127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8127

reference_url	https://access.redhat.com/errata/RHSA-2024:8128
reference_id	RHSA-2024:8128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8128

reference_url	https://access.redhat.com/errata/RHSA-2024:8129
reference_id	RHSA-2024:8129
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8129

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

reference_url	https://usn.ubuntu.com/7097-1/
reference_id	USN-7097-1
reference_type
scores
url	https://usn.ubuntu.com/7097-1/

reference_url	https://usn.ubuntu.com/7098-1/
reference_id	USN-7098-1
reference_type
scores
url	https://usn.ubuntu.com/7098-1/

reference_url	https://usn.ubuntu.com/7099-1/
reference_id	USN-7099-1
reference_type
scores
url	https://usn.ubuntu.com/7099-1/

reference_url	https://usn.ubuntu.com/7124-1/
reference_id	USN-7124-1
reference_type
scores
url	https://usn.ubuntu.com/7124-1/

reference_url	https://usn.ubuntu.com/7338-1/
reference_id	USN-7338-1
reference_type
scores
url	https://usn.ubuntu.com/7338-1/

reference_url	https://usn.ubuntu.com/7339-1/
reference_id	USN-7339-1
reference_type
scores
url	https://usn.ubuntu.com/7339-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2024-21208

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpnc-yu7r-bqb6

url VCID-xte1-h9nn-4bbk

vulnerability_id VCID-xte1-h9nn-4bbk

summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22018.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22018.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-22018

reference_id

reference_type

scores

value	0.00039
scoring_system	epss
scoring_elements	0.11666
published_at	2026-04-24T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11627
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-22018

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22018
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22018

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id	1134894
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2460041
reference_id	2460041
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2460041

reference_url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_id

cpuapr2026.html

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:05:52Z/

url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_url	https://access.redhat.com/errata/RHSA-2026:11403
reference_id	RHSA-2026:11403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:11403

reference_url	https://access.redhat.com/errata/RHSA-2026:9254
reference_id	RHSA-2026:9254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9254

reference_url	https://access.redhat.com/errata/RHSA-2026:9255
reference_id	RHSA-2026:9255
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9255

reference_url	https://access.redhat.com/errata/RHSA-2026:9256
reference_id	RHSA-2026:9256
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9256

reference_url	https://access.redhat.com/errata/RHSA-2026:9682
reference_id	RHSA-2026:9682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9682

reference_url	https://access.redhat.com/errata/RHSA-2026:9683
reference_id	RHSA-2026:9683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9683

reference_url	https://access.redhat.com/errata/RHSA-2026:9684
reference_id	RHSA-2026:9684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9684

reference_url	https://access.redhat.com/errata/RHSA-2026:9685
reference_id	RHSA-2026:9685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9685

reference_url	https://access.redhat.com/errata/RHSA-2026:9686
reference_id	RHSA-2026:9686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9686

reference_url	https://access.redhat.com/errata/RHSA-2026:9687
reference_id	RHSA-2026:9687
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9687

reference_url	https://access.redhat.com/errata/RHSA-2026:9688
reference_id	RHSA-2026:9688
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9688

reference_url	https://access.redhat.com/errata/RHSA-2026:9689
reference_id	RHSA-2026:9689
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9689

reference_url	https://access.redhat.com/errata/RHSA-2026:9690
reference_id	RHSA-2026:9690
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9690

reference_url	https://access.redhat.com/errata/RHSA-2026:9691
reference_id	RHSA-2026:9691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9691

reference_url	https://access.redhat.com/errata/RHSA-2026:9693
reference_id	RHSA-2026:9693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9693

reference_url	https://access.redhat.com/errata/RHSA-2026:9694
reference_id	RHSA-2026:9694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9694

fixed_packages

url	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
purl	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1

aliases CVE-2026-22018

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xte1-h9nn-4bbk

url VCID-y8bc-k5qu-c7f5

vulnerability_id VCID-y8bc-k5qu-c7f5

summary openjdk: Improve compiler transformations (Oracle CPU 2025-04)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-30691

reference_id

reference_type

scores

value	0.00369
scoring_system	epss
scoring_elements	0.58784
published_at	2026-04-02T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58826
published_at	2026-04-26T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58814
published_at	2026-04-13T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58846
published_at	2026-04-16T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58811
published_at	2026-04-24T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58805
published_at	2026-04-04T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58775
published_at	2026-04-07T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58827
published_at	2026-04-21T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58833
published_at	2026-04-12T12:55:00Z

value	0.00369
scoring_system	epss
scoring_elements	0.58851
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-30691

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897
reference_id	1103897
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898
reference_id	1103898
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899
reference_id	1103899
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900
reference_id	1103900
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2359694
reference_id	2359694
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2359694

reference_url

https://www.oracle.com/security-alerts/cpuapr2025.html

reference_id

cpuapr2025.html

reference_type

scores

value	4.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:24:18Z/

url

https://www.oracle.com/security-alerts/cpuapr2025.html

reference_url	https://access.redhat.com/errata/RHSA-2025:3844
reference_id	RHSA-2025:3844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3844

reference_url	https://access.redhat.com/errata/RHSA-2025:3845
reference_id	RHSA-2025:3845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3845

reference_url	https://access.redhat.com/errata/RHSA-2025:3846
reference_id	RHSA-2025:3846
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3846

reference_url	https://access.redhat.com/errata/RHSA-2025:3847
reference_id	RHSA-2025:3847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3847

reference_url	https://access.redhat.com/errata/RHSA-2025:3848
reference_id	RHSA-2025:3848
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3848

reference_url	https://access.redhat.com/errata/RHSA-2025:3849
reference_id	RHSA-2025:3849
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3849

reference_url	https://access.redhat.com/errata/RHSA-2025:3850
reference_id	RHSA-2025:3850
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3850

reference_url	https://access.redhat.com/errata/RHSA-2025:3852
reference_id	RHSA-2025:3852
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3852

reference_url	https://access.redhat.com/errata/RHSA-2025:3853
reference_id	RHSA-2025:3853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3853

reference_url	https://access.redhat.com/errata/RHSA-2025:3854
reference_id	RHSA-2025:3854
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3854

reference_url	https://access.redhat.com/errata/RHSA-2025:3855
reference_id	RHSA-2025:3855
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3855

reference_url	https://access.redhat.com/errata/RHSA-2025:3856
reference_id	RHSA-2025:3856
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3856

reference_url	https://access.redhat.com/errata/RHSA-2025:3857
reference_id	RHSA-2025:3857
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3857

reference_url	https://access.redhat.com/errata/RHSA-2025:7508
reference_id	RHSA-2025:7508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7508

reference_url	https://usn.ubuntu.com/7480-1/
reference_id	USN-7480-1
reference_type
scores
url	https://usn.ubuntu.com/7480-1/

reference_url	https://usn.ubuntu.com/7481-1/
reference_id	USN-7481-1
reference_type
scores
url	https://usn.ubuntu.com/7481-1/

reference_url	https://usn.ubuntu.com/7482-1/
reference_id	USN-7482-1
reference_type
scores
url	https://usn.ubuntu.com/7482-1/

reference_url	https://usn.ubuntu.com/7483-1/
reference_id	USN-7483-1
reference_type
scores
url	https://usn.ubuntu.com/7483-1/

reference_url	https://usn.ubuntu.com/7484-1/
reference_id	USN-7484-1
reference_type
scores
url	https://usn.ubuntu.com/7484-1/

reference_url	https://usn.ubuntu.com/7531-1/
reference_id	USN-7531-1
reference_type
scores
url	https://usn.ubuntu.com/7531-1/

reference_url	https://usn.ubuntu.com/7533-1/
reference_id	USN-7533-1
reference_type
scores
url	https://usn.ubuntu.com/7533-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2025-30691

risk_score 2.1

exploitability 0.5

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8bc-k5qu-c7f5

url VCID-z356-tw9t-q7bp

vulnerability_id VCID-z356-tw9t-q7bp

summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21210

reference_id

reference_type

scores

value	0.00144
scoring_system	epss
scoring_elements	0.34375
published_at	2026-04-26T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34671
published_at	2026-04-18T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34631
published_at	2026-04-21T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34394
published_at	2026-04-24T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34732
published_at	2026-04-02T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34758
published_at	2026-04-04T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34636
published_at	2026-04-07T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34679
published_at	2026-04-08T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34708
published_at	2026-04-09T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34711
published_at	2026-04-11T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34672
published_at	2026-04-12T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34648
published_at	2026-04-13T12:55:00Z

value	0.00144
scoring_system	epss
scoring_elements	0.34685
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21210

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696
reference_id	1085696
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2318524
reference_id	2318524
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2318524

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:::::::*
reference_id	cpe:2.3:a:oracle:java_se:11.0.24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:::::::*
reference_id	cpe:2.3:a:oracle:java_se:17.0.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:::::::*
reference_id	cpe:2.3:a:oracle:java_se:21.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:::::::*
reference_id	cpe:2.3:a:oracle:java_se:23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:::::::*
reference_id	cpe:2.3:a:oracle:java_se:8u421:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::
reference_id	cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421::::enterprise_performance:::

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url	https://access.redhat.com/errata/RHSA-2024:10926
reference_id	RHSA-2024:10926
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10926

reference_url	https://access.redhat.com/errata/RHSA-2024:8116
reference_id	RHSA-2024:8116
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8116

reference_url	https://access.redhat.com/errata/RHSA-2024:8117
reference_id	RHSA-2024:8117
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8117

reference_url	https://access.redhat.com/errata/RHSA-2024:8118
reference_id	RHSA-2024:8118
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8118

reference_url	https://access.redhat.com/errata/RHSA-2024:8119
reference_id	RHSA-2024:8119
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8119

reference_url	https://access.redhat.com/errata/RHSA-2024:8120
reference_id	RHSA-2024:8120
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8120

reference_url	https://access.redhat.com/errata/RHSA-2024:8121
reference_id	RHSA-2024:8121
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8121

reference_url	https://access.redhat.com/errata/RHSA-2024:8122
reference_id	RHSA-2024:8122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8122

reference_url	https://access.redhat.com/errata/RHSA-2024:8123
reference_id	RHSA-2024:8123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8123

reference_url	https://access.redhat.com/errata/RHSA-2024:8124
reference_id	RHSA-2024:8124
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8124

reference_url	https://access.redhat.com/errata/RHSA-2024:8125
reference_id	RHSA-2024:8125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8125

reference_url	https://access.redhat.com/errata/RHSA-2024:8126
reference_id	RHSA-2024:8126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8126

reference_url	https://access.redhat.com/errata/RHSA-2024:8127
reference_id	RHSA-2024:8127
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8127

reference_url	https://access.redhat.com/errata/RHSA-2024:8128
reference_id	RHSA-2024:8128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8128

reference_url	https://access.redhat.com/errata/RHSA-2024:8129
reference_id	RHSA-2024:8129
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8129

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

reference_url	https://usn.ubuntu.com/7097-1/
reference_id	USN-7097-1
reference_type
scores
url	https://usn.ubuntu.com/7097-1/

reference_url	https://usn.ubuntu.com/7098-1/
reference_id	USN-7098-1
reference_type
scores
url	https://usn.ubuntu.com/7098-1/

reference_url	https://usn.ubuntu.com/7099-1/
reference_id	USN-7099-1
reference_type
scores
url	https://usn.ubuntu.com/7099-1/

reference_url	https://usn.ubuntu.com/7124-1/
reference_id	USN-7124-1
reference_type
scores
url	https://usn.ubuntu.com/7124-1/

reference_url	https://usn.ubuntu.com/7338-1/
reference_id	USN-7338-1
reference_type
scores
url	https://usn.ubuntu.com/7338-1/

reference_url	https://usn.ubuntu.com/7339-1/
reference_id	USN-7339-1
reference_type
scores
url	https://usn.ubuntu.com/7339-1/

fixed_packages

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-4snj-etwf-eqe8

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-apsn-z1br-3bdy

vulnerability	VCID-duy9-6f1p-vqah

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-mt9c-tby1-wqe9

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1

aliases CVE-2024-21210

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z356-tw9t-q7bp

url VCID-zsun-4q6p-8fek

vulnerability_id VCID-zsun-4q6p-8fek

summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22013.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22013.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-22013

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.12118
published_at	2026-04-24T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12084
published_at	2026-04-26T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-22013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22013

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894
reference_id	1134894
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2460040
reference_id	2460040
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2460040

reference_url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_id

cpuapr2026.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:09:34Z/

url

https://www.oracle.com/security-alerts/cpuapr2026.html

reference_url	https://access.redhat.com/errata/RHSA-2026:11403
reference_id	RHSA-2026:11403
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:11403

reference_url	https://access.redhat.com/errata/RHSA-2026:9254
reference_id	RHSA-2026:9254
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9254

reference_url	https://access.redhat.com/errata/RHSA-2026:9255
reference_id	RHSA-2026:9255
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9255

reference_url	https://access.redhat.com/errata/RHSA-2026:9256
reference_id	RHSA-2026:9256
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9256

reference_url	https://access.redhat.com/errata/RHSA-2026:9682
reference_id	RHSA-2026:9682
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9682

reference_url	https://access.redhat.com/errata/RHSA-2026:9683
reference_id	RHSA-2026:9683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9683

reference_url	https://access.redhat.com/errata/RHSA-2026:9684
reference_id	RHSA-2026:9684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9684

reference_url	https://access.redhat.com/errata/RHSA-2026:9685
reference_id	RHSA-2026:9685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9685

reference_url	https://access.redhat.com/errata/RHSA-2026:9686
reference_id	RHSA-2026:9686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9686

reference_url	https://access.redhat.com/errata/RHSA-2026:9687
reference_id	RHSA-2026:9687
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9687

reference_url	https://access.redhat.com/errata/RHSA-2026:9688
reference_id	RHSA-2026:9688
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9688

reference_url	https://access.redhat.com/errata/RHSA-2026:9689
reference_id	RHSA-2026:9689
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9689

reference_url	https://access.redhat.com/errata/RHSA-2026:9690
reference_id	RHSA-2026:9690
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9690

reference_url	https://access.redhat.com/errata/RHSA-2026:9691
reference_id	RHSA-2026:9691
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9691

reference_url	https://access.redhat.com/errata/RHSA-2026:9693
reference_id	RHSA-2026:9693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9693

reference_url	https://access.redhat.com/errata/RHSA-2026:9694
reference_id	RHSA-2026:9694
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9694

fixed_packages

url	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
purl	pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1

aliases CVE-2026-22013

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zsun-4q6p-8fek

Fixing_vulnerabilities

Risk_score 3.9

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1

Package Instance