Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/190339?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "type": "ebuild", "namespace": "dev-java", "name": "openjdk-bin", "version": "17.0.2_p8", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "17.0.7_p7", "latest_non_vulnerable_version": "17.0.12_p7", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96421?format=api", "vulnerability_id": "VCID-34f4-1cgf-mff6", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21340.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21340.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05612", "scoring_system": "epss", "scoring_elements": "0.90485", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05612", "scoring_system": "epss", "scoring_elements": "0.905", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041884", "reference_id": "2041884", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041884" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-28T01:09:22Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-28T01:09:22Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-28T01:09:22Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-28T01:09:22Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-28T01:09:22Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21340" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-34f4-1cgf-mff6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96424?format=api", "vulnerability_id": "VCID-4gfe-39tn-gyha", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21365.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21365.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30139", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30213", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041785", "reference_id": "2041785", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041785" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21365" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4gfe-39tn-gyha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96413?format=api", "vulnerability_id": "VCID-5nt3-j9sy-hkc1", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21282.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21282.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34372", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.3447", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041435", "reference_id": "2041435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041435" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:54:44Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:54:44Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:54:44Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:54:44Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:54:44Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21282" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5nt3-j9sy-hkc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6949?format=api", "vulnerability_id": "VCID-754t-89mm-43h2", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35565.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35565.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35697", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35793", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014508", "reference_id": "2014508", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014508" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/", "reference_id": "7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/", "reference_id": "DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:11Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:11Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:11Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:11Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5030", "reference_id": "RHSA-2021:5030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0310", "reference_id": "RHSA-2022:0310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0345", "reference_id": "RHSA-2022:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0345" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/", "reference_id": "V362B2BWTH5IJDL45QPQGMBKIQOG7JX5", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-35565" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-754t-89mm-43h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96414?format=api", "vulnerability_id": "VCID-766u-6sxf-xyfc", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21283.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32358", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32429", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041400", "reference_id": "2041400", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041400" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/", "reference_id": "2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:26Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:26Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:26Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:26Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:26Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21283" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-766u-6sxf-xyfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96409?format=api", "vulnerability_id": "VCID-895e-vekz-yyag", "summary": "Vulnerability in the Java SE product of Oracle Java SE (component: JNDI). The supported version that is affected is Java SE: 7u301. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2432.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2432.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2432", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46282", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.4635", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2432" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994980", "reference_id": "1994980", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994980" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:15:34Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210723-0002/", "reference_id": "ntap-20210723-0002", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:15:34Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210723-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3293", "reference_id": "RHSA-2021:3293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3293" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-2432" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-895e-vekz-yyag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96425?format=api", "vulnerability_id": "VCID-8gzb-g6vx-mqbj", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21366.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21366.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01201", "scoring_system": "epss", "scoring_elements": "0.79252", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01201", "scoring_system": "epss", "scoring_elements": "0.79278", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041789", "reference_id": "2041789", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041789" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:04Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:04Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:04Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21366" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8gzb-g6vx-mqbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3315?format=api", "vulnerability_id": "VCID-9awt-wevr-53d7", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2341.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2341.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.5969", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59639", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2369" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982874", "reference_id": "1982874", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982874" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TTUHVQF2MGUTP6GTCXLZS4GXK3XUWC/", "reference_id": "A4TTUHVQF2MGUTP6GTCXLZS4GXK3XUWC", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TTUHVQF2MGUTP6GTCXLZS4GXK3XUWC/" }, { "reference_url": "https://security.archlinux.org/ASA-202107-53", "reference_id": "ASA-202107-53", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-53" }, { "reference_url": "https://security.archlinux.org/ASA-202107-54", "reference_id": "ASA-202107-54", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-54" }, { "reference_url": "https://security.archlinux.org/ASA-202107-65", "reference_id": "ASA-202107-65", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-65" }, { "reference_url": "https://security.archlinux.org/ASA-202107-66", "reference_id": "ASA-202107-66", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-66" }, { "reference_url": "https://security.archlinux.org/AVG-2188", "reference_id": "AVG-2188", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2188" }, { "reference_url": "https://security.archlinux.org/AVG-2189", "reference_id": "AVG-2189", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2189" }, { "reference_url": "https://security.archlinux.org/AVG-2190", "reference_id": "AVG-2190", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2190" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4946", "reference_id": "dsa-4946", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:12Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4946" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:12Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N57OFX5EJKHHDW4WAOBZFWA5CL4VIIK5/", "reference_id": "N57OFX5EJKHHDW4WAOBZFWA5CL4VIIK5", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N57OFX5EJKHHDW4WAOBZFWA5CL4VIIK5/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210723-0002/", "reference_id": "ntap-20210723-0002", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210723-0002/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PJJ75FHSUZGWPV4UJTSMQHWLOQ77LHTG/", "reference_id": "PJJ75FHSUZGWPV4UJTSMQHWLOQ77LHTG", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PJJ75FHSUZGWPV4UJTSMQHWLOQ77LHTG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2774", "reference_id": "RHSA-2021:2774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2775", "reference_id": "RHSA-2021:2775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2776", "reference_id": "RHSA-2021:2776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2777", "reference_id": "RHSA-2021:2777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2778", "reference_id": "RHSA-2021:2778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2779", "reference_id": "RHSA-2021:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2780", "reference_id": "RHSA-2021:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2781", "reference_id": "RHSA-2021:2781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2782", "reference_id": "RHSA-2021:2782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2783", "reference_id": "RHSA-2021:2783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2784", "reference_id": "RHSA-2021:2784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2845", "reference_id": "RHSA-2021:2845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3292", "reference_id": "RHSA-2021:3292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3293", "reference_id": "RHSA-2021:3293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4089", "reference_id": "RHSA-2021:4089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4089" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VTRQIXB52KIXUAO6JBYUKYWXST2NKNAK/", "reference_id": "VTRQIXB52KIXUAO6JBYUKYWXST2NKNAK", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VTRQIXB52KIXUAO6JBYUKYWXST2NKNAK/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-2341" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9awt-wevr-53d7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6946?format=api", "vulnerability_id": "VCID-9q99-7g57-kkg9", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35586.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35586.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37584", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37491", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015308", "reference_id": "2015308", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015308" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5030", "reference_id": "RHSA-2021:5030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0310", "reference_id": "RHSA-2022:0310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0345", "reference_id": "RHSA-2022:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0345" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-35586" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9q99-7g57-kkg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6952?format=api", "vulnerability_id": "VCID-ajdd-f5y6-ykbf", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35559.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35559.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30218", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30144", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014518", "reference_id": "2014518", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014518" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/", "reference_id": "7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/", "reference_id": "DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5030", "reference_id": "RHSA-2021:5030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0310", "reference_id": "RHSA-2022:0310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0345", "reference_id": "RHSA-2022:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0345" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/", "reference_id": "V362B2BWTH5IJDL45QPQGMBKIQOG7JX5", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-35559" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajdd-f5y6-ykbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3314?format=api", "vulnerability_id": "VCID-bn6d-evcd-mfdd", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2369.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2369.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2369", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00376", "scoring_system": "epss", "scoring_elements": "0.59537", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00376", "scoring_system": "epss", "scoring_elements": "0.59487", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2369" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2369" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982879", "reference_id": "1982879", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1982879" }, { "reference_url": "https://security.archlinux.org/ASA-202107-53", "reference_id": "ASA-202107-53", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-53" }, { "reference_url": "https://security.archlinux.org/ASA-202107-54", "reference_id": "ASA-202107-54", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-54" }, { "reference_url": "https://security.archlinux.org/ASA-202107-65", "reference_id": "ASA-202107-65", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-65" }, { "reference_url": "https://security.archlinux.org/ASA-202107-66", "reference_id": "ASA-202107-66", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-66" }, { "reference_url": "https://security.archlinux.org/AVG-2188", "reference_id": "AVG-2188", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2188" }, { "reference_url": "https://security.archlinux.org/AVG-2189", "reference_id": "AVG-2189", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2189" }, { "reference_url": "https://security.archlinux.org/AVG-2190", "reference_id": "AVG-2190", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2190" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4946", "reference_id": "dsa-4946", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4946" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210723-0002/", "reference_id": "ntap-20210723-0002", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210723-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2774", "reference_id": "RHSA-2021:2774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2775", "reference_id": "RHSA-2021:2775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2776", "reference_id": "RHSA-2021:2776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2777", "reference_id": "RHSA-2021:2777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2778", "reference_id": "RHSA-2021:2778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2779", "reference_id": "RHSA-2021:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2780", "reference_id": "RHSA-2021:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2781", "reference_id": "RHSA-2021:2781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2782", "reference_id": "RHSA-2021:2782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2783", "reference_id": "RHSA-2021:2783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2784", "reference_id": "RHSA-2021:2784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2845", "reference_id": "RHSA-2021:2845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3292", "reference_id": "RHSA-2021:3292", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3292" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3293", "reference_id": "RHSA-2021:3293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4089", "reference_id": "RHSA-2021:4089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4089" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-2369" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bn6d-evcd-mfdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6948?format=api", "vulnerability_id": "VCID-cwky-3rmp-97b4", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35567.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35567.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36892", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.368", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015658", "reference_id": "2015658", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015658" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-35567" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cwky-3rmp-97b4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96415?format=api", "vulnerability_id": "VCID-d7ba-cav8-fyac", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21291.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21291.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29189", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29259", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041831", "reference_id": "2041831", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041831" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/", "reference_id": "2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:59:32Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:59:32Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:59:32Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:59:32Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:59:32Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21291" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7ba-cav8-fyac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96423?format=api", "vulnerability_id": "VCID-db7n-s9z9-xbcr", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21360.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21360.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30139", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30213", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041491", "reference_id": "2041491", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041491" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:48:36Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:48:36Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:48:36Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:48:36Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T14:48:36Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21360" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-db7n-s9z9-xbcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6947?format=api", "vulnerability_id": "VCID-e6dp-udwu-4bcz", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35578.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35578.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34436", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34339", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015653", "reference_id": "2015653", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015653" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5030", "reference_id": "RHSA-2021:5030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0345", "reference_id": "RHSA-2022:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0345" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-35578" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6dp-udwu-4bcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96410?format=api", "vulnerability_id": "VCID-f3vv-zzht-cbhy", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21248.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21248.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24213", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24313", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041801", "reference_id": "2041801", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041801" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/", "reference_id": "2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4J2N4FNXW6JKJBWUZH6SNI2UHCZXQXCY/", "reference_id": "4J2N4FNXW6JKJBWUZH6SNI2UHCZXQXCY", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4J2N4FNXW6JKJBWUZH6SNI2UHCZXQXCY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPIWQ6DL5IPOT54UBWTISG5T24FQJ7MN/", "reference_id": "KPIWQ6DL5IPOT54UBWTISG5T24FQJ7MN", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPIWQ6DL5IPOT54UBWTISG5T24FQJ7MN/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21248" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f3vv-zzht-cbhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6950?format=api", "vulnerability_id": "VCID-fd7c-w5ta-1yc1", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35564.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35564.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2842", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28347", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015061", "reference_id": "2015061", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015061" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/", "reference_id": "7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/", "reference_id": "DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5030", "reference_id": "RHSA-2021:5030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0310", "reference_id": "RHSA-2022:0310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0345", "reference_id": "RHSA-2022:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0345" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/", "reference_id": "V362B2BWTH5IJDL45QPQGMBKIQOG7JX5", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-35564" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fd7c-w5ta-1yc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6944?format=api", "vulnerability_id": "VCID-fk6t-6cx2-ckh7", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35603.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35603.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.3329", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33188", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015311", "reference_id": "2015311", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015311" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-35603" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fk6t-6cx2-ckh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6953?format=api", "vulnerability_id": "VCID-fubs-k5u5-1yf8", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35556.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35556.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33352", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.3325", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014515", "reference_id": "2014515", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014515" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:32:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/", "reference_id": "7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:32:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/", "reference_id": "DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:32:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:32:53Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:32:53Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:32:53Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:32:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:32:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:32:53Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:32:53Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5030", "reference_id": "RHSA-2021:5030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0310", "reference_id": "RHSA-2022:0310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0345", "reference_id": "RHSA-2022:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0345" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/", "reference_id": "V362B2BWTH5IJDL45QPQGMBKIQOG7JX5", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:32:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-35556" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fubs-k5u5-1yf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96408?format=api", "vulnerability_id": "VCID-j4db-1hse-ybhy", "summary": "Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20.3.1.2 and 21.0.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. It can also be exploited by supplying untrusted data to APIs in the specified Component. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2161.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2161.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2161", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01132", "scoring_system": "epss", "scoring_elements": "0.78704", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01132", "scoring_system": "epss", "scoring_elements": "0.78678", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2161" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951231", "reference_id": "1951231", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951231" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/", "reference_id": "5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/" }, { "reference_url": "https://docs.azul.com/core/zulu-openjdk/release-notes/april-2021.html#fixed-common-vulnerabilities-and-exposures", "reference_id": "april-2021.html#fixed-common-vulnerabilities-and-exposures", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://docs.azul.com/core/zulu-openjdk/release-notes/april-2021.html#fixed-common-vulnerabilities-and-exposures" }, { "reference_url": "https://security.archlinux.org/AVG-1865", "reference_id": "AVG-1865", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1865" }, { "reference_url": "https://security.archlinux.org/AVG-1866", "reference_id": "AVG-1866", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1866" }, { "reference_url": "https://security.archlinux.org/AVG-1867", "reference_id": "AVG-1867", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1867" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/", "reference_id": "CFXOKM2233JVGYDOWW77BN54X3GZTIBK", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/", "reference_id": "CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2021.html", "reference_id": "cpuapr2021.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2021.html" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4899", "reference_id": "dsa-4899", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4899" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/", "reference_id": "MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/", "reference_id": "MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210513-0001/", "reference_id": "ntap-20210513-0001", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210513-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1445", "reference_id": "RHSA-2021:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1447", "reference_id": "RHSA-2021:1447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1447" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/", "reference_id": "UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-2161" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j4db-1hse-ybhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96417?format=api", "vulnerability_id": "VCID-kfvv-nw6p-qfbe", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21294.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21294.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32229", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32301", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041427", "reference_id": "2041427", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041427" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:12:30Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:12:30Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:12:30Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:12:30Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:12:30Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21294" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfvv-nw6p-qfbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7272?format=api", "vulnerability_id": "VCID-kntq-nhpw-1bbm", "summary": "insufficient validation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2163.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2163.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2163", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23821", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23915", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2163" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2163", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2163" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951217", "reference_id": "1951217", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951217" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/", "reference_id": "5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/" }, { "reference_url": "https://security.archlinux.org/AVG-1847", "reference_id": "AVG-1847", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1847" }, { "reference_url": "https://security.archlinux.org/AVG-1848", "reference_id": "AVG-1848", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1848" }, { "reference_url": "https://security.archlinux.org/AVG-1849", "reference_id": "AVG-1849", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1849" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/", "reference_id": "CFXOKM2233JVGYDOWW77BN54X3GZTIBK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/", "reference_id": "CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2021.html", "reference_id": "cpuapr2021.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2021.html" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4899", "reference_id": "dsa-4899", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4899" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/", "reference_id": "MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/", "reference_id": "MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210513-0001/", "reference_id": "ntap-20210513-0001", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210513-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1297", "reference_id": "RHSA-2021:1297", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1297" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1298", "reference_id": "RHSA-2021:1298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1299", "reference_id": "RHSA-2021:1299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1301", "reference_id": "RHSA-2021:1301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1305", "reference_id": "RHSA-2021:1305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1306", "reference_id": "RHSA-2021:1306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1307", "reference_id": "RHSA-2021:1307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1315", "reference_id": "RHSA-2021:1315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1444", "reference_id": "RHSA-2021:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1445", "reference_id": "RHSA-2021:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1446", "reference_id": "RHSA-2021:1446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1447", "reference_id": "RHSA-2021:1447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6735", "reference_id": "RHSA-2022:6735", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6735" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6755", "reference_id": "RHSA-2022:6755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6756", "reference_id": "RHSA-2022:6756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6756" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/", "reference_id": "UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/" }, { "reference_url": "https://usn.ubuntu.com/4892-1/", "reference_id": "USN-4892-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4892-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-2163" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kntq-nhpw-1bbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96418?format=api", "vulnerability_id": "VCID-n1vg-1mwa-yqhz", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21296.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21296.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32427", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32499", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041439", "reference_id": "2041439", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041439" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:54:36Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:54:36Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:54:36Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:54:36Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:54:36Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21296" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1vg-1mwa-yqhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96411?format=api", "vulnerability_id": "VCID-pryq-xq8m-wbbq", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21271", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01653", "scoring_system": "epss", "scoring_elements": "0.82393", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01653", "scoring_system": "epss", "scoring_elements": "0.82363", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21271" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:28Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21271" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pryq-xq8m-wbbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96412?format=api", "vulnerability_id": "VCID-q7s3-rw8k-qkgd", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21277.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21277.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01201", "scoring_system": "epss", "scoring_elements": "0.79252", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01201", "scoring_system": "epss", "scoring_elements": "0.79278", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041479", "reference_id": "2041479", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041479" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:31Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:31Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:31Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:31Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21277" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q7s3-rw8k-qkgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6954?format=api", "vulnerability_id": "VCID-qbaf-vf9e-b3gz", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35550.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35550.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25773", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2567", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015648", "reference_id": "2015648", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015648" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:29:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/", "reference_id": "7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:29:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/", "reference_id": "DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:29:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:29:28Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:29:28Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:29:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:29:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:29:28Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:29:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/", "reference_id": "V362B2BWTH5IJDL45QPQGMBKIQOG7JX5", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T14:29:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-35550" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qbaf-vf9e-b3gz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6951?format=api", "vulnerability_id": "VCID-qrbh-r1s1-uqhm", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35561.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35561.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38921", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38833", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014524", "reference_id": "2014524", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014524" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/", "reference_id": "7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/", "reference_id": "DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4959", "reference_id": "RHSA-2022:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5837", "reference_id": "RHSA-2022:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5837" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/", "reference_id": "V362B2BWTH5IJDL45QPQGMBKIQOG7JX5", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-35561" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qrbh-r1s1-uqhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96419?format=api", "vulnerability_id": "VCID-ref9-5wc1-5fcy", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21299.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21299.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26688", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26792", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041472", "reference_id": "2041472", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041472" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:13:18Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:13:18Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:13:18Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:13:18Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:13:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:13:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4918", "reference_id": "RHSA-2022:4918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4919", "reference_id": "RHSA-2022:4919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4922", "reference_id": "RHSA-2022:4922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21299" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ref9-5wc1-5fcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96719?format=api", "vulnerability_id": "VCID-sgdd-nuc8-gybc", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21349.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21349.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19139", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19211", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21349" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046273", "reference_id": "2046273", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2046273" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:33Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:33Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21349" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgdd-nuc8-gybc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6945?format=api", "vulnerability_id": "VCID-v59b-dnzb-a7g9", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35588.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35588.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35588", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36808", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.369", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35588" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015659", "reference_id": "2015659", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015659" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:11:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:11:40Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:11:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:11:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:11:40Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-26T19:11:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-35588" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v59b-dnzb-a7g9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96422?format=api", "vulnerability_id": "VCID-wjrk-ff88-gufv", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21341.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21341.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.3431", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34407", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041897", "reference_id": "2041897", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041897" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:02:07Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:02:07Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:02:07Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:02:07Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:02:07Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21341" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wjrk-ff88-gufv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96416?format=api", "vulnerability_id": "VCID-x6q8-wzbk-ekh5", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21293.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21293.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26465", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26567", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041417", "reference_id": "2041417", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041417" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/", "reference_id": "2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T20:44:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T20:44:41Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T20:44:41Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T20:44:41Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T20:44:41Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-26T20:44:41Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21293" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6q8-wzbk-ekh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96420?format=api", "vulnerability_id": "VCID-xu8s-gw2e-xyaf", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21305.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21305.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39692", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39777", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041878", "reference_id": "2041878", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041878" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:21Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:21Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:21Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T14:45:21Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2022-21305" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xu8s-gw2e-xyaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3313?format=api", "vulnerability_id": "VCID-zsyv-sfjk-2bbw", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2388.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74524", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00805", "scoring_system": "epss", "scoring_elements": "0.74491", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2388" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2369" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983075", "reference_id": "1983075", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983075" }, { "reference_url": "https://security.archlinux.org/ASA-202107-53", "reference_id": "ASA-202107-53", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-53" }, { "reference_url": "https://security.archlinux.org/ASA-202107-54", "reference_id": "ASA-202107-54", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-54" }, { "reference_url": "https://security.archlinux.org/ASA-202107-65", "reference_id": "ASA-202107-65", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-65" }, { "reference_url": "https://security.archlinux.org/ASA-202107-66", "reference_id": "ASA-202107-66", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-66" }, { "reference_url": "https://security.archlinux.org/AVG-2188", "reference_id": "AVG-2188", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2188" }, { "reference_url": "https://security.archlinux.org/AVG-2189", "reference_id": "AVG-2189", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2189" }, { "reference_url": "https://security.archlinux.org/AVG-2190", "reference_id": "AVG-2190", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2190" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4946", "reference_id": "dsa-4946", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:23Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4946" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:23Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210723-0002/", "reference_id": "ntap-20210723-0002", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T13:58:23Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210723-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2774", "reference_id": "RHSA-2021:2774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2775", "reference_id": "RHSA-2021:2775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2776", "reference_id": "RHSA-2021:2776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2777", "reference_id": "RHSA-2021:2777", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2777" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2778", "reference_id": "RHSA-2021:2778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2779", "reference_id": "RHSA-2021:2779", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2779" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2780", "reference_id": "RHSA-2021:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2781", "reference_id": "RHSA-2021:2781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2782", "reference_id": "RHSA-2021:2782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2783", "reference_id": "RHSA-2021:2783", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2783" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2784", "reference_id": "RHSA-2021:2784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:2845", "reference_id": "RHSA-2021:2845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:2845" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/190337?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@8.322_p06", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@8.322_p06" }, { "url": "http://public2.vulnerablecode.io/api/packages/190338?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@11.0.14_p9" }, { "url": "http://public2.vulnerablecode.io/api/packages/190339?format=api", "purl": "pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" } ], "aliases": [ "CVE-2021-2388" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zsyv-sfjk-2bbw" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk-bin@17.0.2_p8" }