Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/189486?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "type": "ebuild", "namespace": "dev-java", "name": "openjdk", "version": "8.422_p05", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "11.0.14_p9", "latest_non_vulnerable_version": "17.0.12_p7", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95403?format=api", "vulnerability_id": "VCID-1udc-zxe4-sbfs", "summary": "OpenJDK: weakness in AES implementation (8308682)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27519", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27535", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27586", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223207", "reference_id": "2223207", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223207" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2023.html", "reference_id": "cpujul2023.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:22:42Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2023.html" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5458", "reference_id": "dsa-5458", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:22:42Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5458" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:22:42Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:22:42Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230725-0006/", "reference_id": "ntap-20230725-0006", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-03T16:22:42Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230725-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2023-22041" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1udc-zxe4-sbfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88336?format=api", "vulnerability_id": "VCID-1zrm-rmy9-3bcs", "summary": "JDK: Array indexing integer overflow (8328544)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21210", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34437", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34453", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21210" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318524", "reference_id": "2318524", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318524" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2024-21210" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1zrm-rmy9-3bcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95350?format=api", "vulnerability_id": "VCID-24he-53kv-6qb4", "summary": "OpenJDK: ZIP file parsing infinite loop (8302483)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27918", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27936", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27986", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221634", "reference_id": "2221634", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221634" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2023.html", "reference_id": "cpujul2023.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T19:31:59Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2023.html" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5458", "reference_id": "dsa-5458", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T19:31:59Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5458" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T19:31:59Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T19:31:59Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230725-0006/", "reference_id": "ntap-20230725-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-20T19:31:59Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230725-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2023-22036" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-24he-53kv-6qb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95368?format=api", "vulnerability_id": "VCID-2csv-3k96-abeu", "summary": "OpenJDK: array indexing integer overflow issue (8304468)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33876", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33993", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33978", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221645", "reference_id": "2221645", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221645" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2023.html", "reference_id": "cpujul2023.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T18:40:09Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2023.html" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5458", "reference_id": "dsa-5458", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T18:40:09Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5458" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T18:40:09Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T18:40:09Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230725-0006/", "reference_id": "ntap-20230725-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-31T18:40:09Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230725-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4166", "reference_id": "RHSA-2023:4166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4167", "reference_id": "RHSA-2023:4167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4168", "reference_id": "RHSA-2023:4168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4172", "reference_id": "RHSA-2023:4172", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4172" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4173", "reference_id": "RHSA-2023:4173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4174", "reference_id": "RHSA-2023:4174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4176", "reference_id": "RHSA-2023:4176", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4178", "reference_id": "RHSA-2023:4178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4209", "reference_id": "RHSA-2023:4209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4212", "reference_id": "RHSA-2023:4212", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4212" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2023-22045" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2csv-3k96-abeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88377?format=api", "vulnerability_id": "VCID-36zv-cekd-tqeb", "summary": "JDK: Integer conversion error leads to incorrect range check (8332644)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21235", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38127", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.3813", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21235" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318534", "reference_id": "2318534", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318534" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2024-21235" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-36zv-cekd-tqeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91464?format=api", "vulnerability_id": "VCID-3mtb-zvse-pqdb", "summary": "OpenJDK: arbitrary Java code execution in Nashorn (8314284)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48371", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48368", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257850", "reference_id": "2257850", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257850" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0002/", "reference_id": "ntap-20240201-0002", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2024-20926" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3mtb-zvse-pqdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93602?format=api", "vulnerability_id": "VCID-73dx-kjm5-8uea", "summary": "OpenJDK: memory corruption issue on x86_64 with AVX-512 (8317121)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22025.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22025.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31775", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31813", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31845", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243805", "reference_id": "2243805", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243805" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5548", "reference_id": "dsa-5548", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:28:29Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5548" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0006/", "reference_id": "ntap-20231027-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:28:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5745", "reference_id": "RHSA-2023:5745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5746", "reference_id": "RHSA-2023:5746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5747", "reference_id": "RHSA-2023:5747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5750", "reference_id": "RHSA-2023:5750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5751", "reference_id": "RHSA-2023:5751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5752", "reference_id": "RHSA-2023:5752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5753", "reference_id": "RHSA-2023:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6738", "reference_id": "RHSA-2023:6738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6887", "reference_id": "RHSA-2023:6887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6887" }, { "reference_url": "https://usn.ubuntu.com/6527-1/", "reference_id": "USN-6527-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6527-1/" }, { "reference_url": "https://usn.ubuntu.com/6528-1/", "reference_id": "USN-6528-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6528-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2023-22025" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-73dx-kjm5-8uea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88349?format=api", "vulnerability_id": "VCID-7v19-naqh-fuf4", "summary": "JDK: HTTP client improper handling of maxHeaderSize (8328286)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21208", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17368", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17363", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21208" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318526", "reference_id": "2318526", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318526" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2024-21208" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7v19-naqh-fuf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88362?format=api", "vulnerability_id": "VCID-hsx4-may7-13e7", "summary": "JDK: Unbounded allocation leads to out-of-memory error (8331446)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2668", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2667", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318530", "reference_id": "2318530", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318530" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2024-21217" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hsx4-may7-13e7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91452?format=api", "vulnerability_id": "VCID-jua2-s4g6-v3h2", "summary": "OpenJDK: incorrect handling of ZIP files with duplicate entries (8276123)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32251", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32282", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257720", "reference_id": "2257720", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257720" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0002/", "reference_id": "ntap-20240201-0002", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:51:25Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2024-20932" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jua2-s4g6-v3h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91468?format=api", "vulnerability_id": "VCID-ka8g-1h5k-2qbj", "summary": "OpenJDK: range check loop optimization issue (8314307)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44728", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44736", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257859", "reference_id": "2257859", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257859" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2024-20921" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ka8g-1h5k-2qbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91454?format=api", "vulnerability_id": "VCID-kkk4-xqv1-gug4", "summary": "OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46652", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46648", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257728", "reference_id": "2257728", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257728" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0002/", "reference_id": "ntap-20240201-0002", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2024-20918" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kkk4-xqv1-gug4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95362?format=api", "vulnerability_id": "VCID-re7t-zcdz-8qhc", "summary": "OpenJDK: modulo operator array indexing issue (8304460)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22044.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22044.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22044", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32029", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32069", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32101", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22044" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22044", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22044" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221642", "reference_id": "2221642", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221642" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2023.html", "reference_id": "cpujul2023.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2023.html" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5458", "reference_id": "dsa-5458", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5458" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230725-0006/", "reference_id": "ntap-20230725-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230725-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2023-22044" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-re7t-zcdz-8qhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91465?format=api", "vulnerability_id": "VCID-t82y-9a1j-6few", "summary": "OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.3619", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36198", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257853", "reference_id": "2257853", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257853" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2024-20919" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t82y-9a1j-6few" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92211?format=api", "vulnerability_id": "VCID-uhzf-hpjc-afhv", "summary": "OpenJDK: certificate path validation issue during client authentication (8309966)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22081", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26843", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26938", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26946", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627", "reference_id": "2243627", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5537", "reference_id": "dsa-5537", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:53:15Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5537" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5548", "reference_id": "dsa-5548", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:53:15Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5548" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00041.html", "reference_id": "msg00041.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:53:15Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00041.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0006/", "reference_id": "ntap-20231027-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-03T15:53:15Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5725", "reference_id": "RHSA-2023:5725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5726", "reference_id": "RHSA-2023:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5727", "reference_id": "RHSA-2023:5727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5728", "reference_id": "RHSA-2023:5728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5729", "reference_id": "RHSA-2023:5729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5730", "reference_id": "RHSA-2023:5730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5731", "reference_id": "RHSA-2023:5731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5732", "reference_id": "RHSA-2023:5732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5733", "reference_id": "RHSA-2023:5733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5734", "reference_id": "RHSA-2023:5734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5735", "reference_id": "RHSA-2023:5735", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5735" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5736", "reference_id": "RHSA-2023:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5737", "reference_id": "RHSA-2023:5737", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5737" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5739", "reference_id": "RHSA-2023:5739", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5740", "reference_id": "RHSA-2023:5740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5741", "reference_id": "RHSA-2023:5741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5742", "reference_id": "RHSA-2023:5742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5743", "reference_id": "RHSA-2023:5743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5744", "reference_id": "RHSA-2023:5744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5745", "reference_id": "RHSA-2023:5745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5746", "reference_id": "RHSA-2023:5746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5747", "reference_id": "RHSA-2023:5747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5750", "reference_id": "RHSA-2023:5750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5751", "reference_id": "RHSA-2023:5751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5752", "reference_id": "RHSA-2023:5752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5753", "reference_id": "RHSA-2023:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5761", "reference_id": "RHSA-2023:5761", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5761" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6738", "reference_id": "RHSA-2023:6738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6887", "reference_id": "RHSA-2023:6887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0866", "reference_id": "RHSA-2024:0866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0879", "reference_id": "RHSA-2024:0879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0879" }, { "reference_url": "https://usn.ubuntu.com/6527-1/", "reference_id": "USN-6527-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6527-1/" }, { "reference_url": "https://usn.ubuntu.com/6528-1/", "reference_id": "USN-6528-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6528-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2023-22081" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uhzf-hpjc-afhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95343?format=api", "vulnerability_id": "VCID-wc2q-3w1y-h7gw", "summary": "OpenJDK: HTTP client insufficient file name validation (8302475)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34153", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34268", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34252", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221626", "reference_id": "2221626", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221626" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2023.html", "reference_id": "cpujul2023.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-29T19:10:38Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2023.html" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5458", "reference_id": "dsa-5458", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-29T19:10:38Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5458" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-29T19:10:38Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-29T19:10:38Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230725-0006/", "reference_id": "ntap-20230725-0006", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-29T19:10:38Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230725-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2023-22006" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wc2q-3w1y-h7gw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95376?format=api", "vulnerability_id": "VCID-ws9k-anrz-1ubt", "summary": "OpenJDK: improper handling of slash characters in URI-to-path conversion (8305312)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24223", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24304", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24323", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221647", "reference_id": "2221647", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221647" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2023.html", "reference_id": "cpujul2023.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:37:01Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2023.html" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5458", "reference_id": "dsa-5458", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:37:01Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5458" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:37:01Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:37:01Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230725-0006/", "reference_id": "ntap-20230725-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:37:01Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230725-0006/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T16:37:01Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4166", "reference_id": "RHSA-2023:4166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4167", "reference_id": "RHSA-2023:4167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4168", "reference_id": "RHSA-2023:4168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4172", "reference_id": "RHSA-2023:4172", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4172" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4173", "reference_id": "RHSA-2023:4173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4174", "reference_id": "RHSA-2023:4174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4176", "reference_id": "RHSA-2023:4176", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4178", "reference_id": "RHSA-2023:4178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4209", "reference_id": "RHSA-2023:4209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4212", "reference_id": "RHSA-2023:4212", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4212" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4876", "reference_id": "RHSA-2023:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4877", "reference_id": "RHSA-2023:4877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4877" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2023-22049" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ws9k-anrz-1ubt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91459?format=api", "vulnerability_id": "VCID-xk5g-kcya-fycf", "summary": "OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.55358", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00319", "scoring_system": "epss", "scoring_elements": "0.55353", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257837", "reference_id": "2257837", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257837" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0002/", "reference_id": "ntap-20240201-0002", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2024-20952" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xk5g-kcya-fycf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91477?format=api", "vulnerability_id": "VCID-y2qt-658x-27c7", "summary": "OpenJDK: logging of digital signature private keys (8316976)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15036", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.15026", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257874", "reference_id": "2257874", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257874" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2024-20945" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y2qt-658x-27c7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92224?format=api", "vulnerability_id": "VCID-ywz4-n7hv-r7by", "summary": "OpenJDK: IOR deserialization issue in CORBA (8303384)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22067.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22067.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22067", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38358", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38448", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38445", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22067" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637", "reference_id": "2243637", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5537", "reference_id": "dsa-5537", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-12T15:07:56Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5537" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0006/", "reference_id": "ntap-20231027-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-12T15:07:56Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5725", "reference_id": "RHSA-2023:5725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5726", "reference_id": "RHSA-2023:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5727", "reference_id": "RHSA-2023:5727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5728", "reference_id": "RHSA-2023:5728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5729", "reference_id": "RHSA-2023:5729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5730", "reference_id": "RHSA-2023:5730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5731", "reference_id": "RHSA-2023:5731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5732", "reference_id": "RHSA-2023:5732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5733", "reference_id": "RHSA-2023:5733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5761", "reference_id": "RHSA-2023:5761", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5761" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0866", "reference_id": "RHSA-2024:0866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0879", "reference_id": "RHSA-2024:0879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0879" }, { "reference_url": "https://usn.ubuntu.com/6528-1/", "reference_id": "USN-6528-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6528-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189486?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.422_p05", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }, { "url": "http://public2.vulnerablecode.io/api/packages/189487?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.24_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.24_p8" }, { "url": "http://public2.vulnerablecode.io/api/packages/189488?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.12_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.12_p7" } ], "aliases": [ "CVE-2023-22067" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ywz4-n7hv-r7by" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.422_p05" }