Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community

Type apk

Namespace alpine

Name openjdk17

Version 17.0.10_p7-r0

Qualifiers

arch	riscv64
distroversion	v3.22
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 17.0.11_p9-r0

Latest_non_vulnerable_version 17.0.19_p10-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-3mtb-zvse-pqdb

vulnerability_id VCID-3mtb-zvse-pqdb

summary OpenJDK: arbitrary Java code execution in Nashorn (8314284)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20926

reference_id

reference_type

scores

value	0.00249
scoring_system	epss
scoring_elements	0.48368
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257850
reference_id	2257850
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257850

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_id

msg00023.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_id

ntap-20240201-0002

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/

url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_url	https://access.redhat.com/errata/RHSA-2024:0222
reference_id	RHSA-2024:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0222

reference_url	https://access.redhat.com/errata/RHSA-2024:0223
reference_id	RHSA-2024:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0223

reference_url	https://access.redhat.com/errata/RHSA-2024:0224
reference_id	RHSA-2024:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0224

reference_url	https://access.redhat.com/errata/RHSA-2024:0225
reference_id	RHSA-2024:0225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0225

reference_url	https://access.redhat.com/errata/RHSA-2024:0226
reference_id	RHSA-2024:0226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0226

reference_url	https://access.redhat.com/errata/RHSA-2024:0228
reference_id	RHSA-2024:0228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0228

reference_url	https://access.redhat.com/errata/RHSA-2024:0230
reference_id	RHSA-2024:0230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0230

reference_url	https://access.redhat.com/errata/RHSA-2024:0231
reference_id	RHSA-2024:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0231

reference_url	https://access.redhat.com/errata/RHSA-2024:0232
reference_id	RHSA-2024:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0232

reference_url	https://access.redhat.com/errata/RHSA-2024:0233
reference_id	RHSA-2024:0233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0233

reference_url	https://access.redhat.com/errata/RHSA-2024:0234
reference_id	RHSA-2024:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0234

reference_url	https://access.redhat.com/errata/RHSA-2024:0235
reference_id	RHSA-2024:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0235

reference_url	https://access.redhat.com/errata/RHSA-2024:0237
reference_id	RHSA-2024:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0237

reference_url	https://access.redhat.com/errata/RHSA-2024:0239
reference_id	RHSA-2024:0239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0239

reference_url	https://access.redhat.com/errata/RHSA-2024:0265
reference_id	RHSA-2024:0265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0265

reference_url	https://access.redhat.com/errata/RHSA-2024:0266
reference_id	RHSA-2024:0266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0266

reference_url	https://access.redhat.com/errata/RHSA-2024:1481
reference_id	RHSA-2024:1481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1481

reference_url	https://access.redhat.com/errata/RHSA-2024:1482
reference_id	RHSA-2024:1482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1482

reference_url	https://usn.ubuntu.com/6660-1/
reference_id	USN-6660-1
reference_type
scores
url	https://usn.ubuntu.com/6660-1/

reference_url	https://usn.ubuntu.com/6696-1/
reference_id	USN-6696-1
reference_type
scores
url	https://usn.ubuntu.com/6696-1/

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2024-20926

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3mtb-zvse-pqdb

url VCID-e3cz-9mdx-cfhp

vulnerability_id VCID-e3cz-9mdx-cfhp

summary

Java: DoS Vulnerability in JSON-JAVA
A denial of service vulnerability in JSON-Java was discovered by [ClusterFuzz](https://google.github.io/clusterfuzz/).  A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. There are two issues: (1) the parser bug can be used to circumvent a check that is supposed to prevent the key in a JSON object from itself being another JSON object; (2) if a key does end up being a JSON object then it gets converted into a string, using `\` to escape special characters, including `\` itself. So by nesting JSON objects, with a key that is a JSON object that has a key that is a JSON object, and so on, we can get an exponential number of `\` characters in the escaped string.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5072.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5072.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5072

reference_id

reference_type

scores

value	0.00677
scoring_system	epss
scoring_elements	0.71955
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072

reference_url

https://github.com/stleary/JSON-java

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/stleary/JSON-java

reference_url

https://github.com/stleary/JSON-java/commit/60662e2f8384d3449822a3a1179bfe8de67b55bb

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/stleary/JSON-java/commit/60662e2f8384d3449822a3a1179bfe8de67b55bb

reference_url

https://github.com/stleary/JSON-java/issues/758

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/

url

https://github.com/stleary/JSON-java/issues/758

reference_url

https://github.com/stleary/JSON-java/issues/771

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/

url

https://github.com/stleary/JSON-java/issues/771

reference_url

https://github.com/stleary/JSON-java/pull/759

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/stleary/JSON-java/pull/759

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053882
reference_id	1053882
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053882

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053883
reference_id	1053883
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053883

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053884
reference_id	1053884
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053884

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2246417
reference_id	2246417
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2246417

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-5072

reference_id

CVE-2023-5072

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-5072

reference_url	https://github.com/advisories/GHSA-4jq9-2xhw-jpx7
reference_id	GHSA-4jq9-2xhw-jpx7
reference_type
scores
url	https://github.com/advisories/GHSA-4jq9-2xhw-jpx7

reference_url

https://github.com/google/security-research/security/advisories/GHSA-4jq9-2xhw-jpx7

reference_id

GHSA-4jq9-2xhw-jpx7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/google/security-research/security/advisories/GHSA-4jq9-2xhw-jpx7

reference_url

https://security.netapp.com/advisory/ntap-20240621-0007/

reference_id

ntap-20240621-0007

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/

url

https://security.netapp.com/advisory/ntap-20240621-0007/

reference_url	https://access.redhat.com/errata/RHSA-2023:7617
reference_id	RHSA-2023:7617
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7617

reference_url	https://access.redhat.com/errata/RHSA-2023:7678
reference_id	RHSA-2023:7678
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7678

reference_url	https://access.redhat.com/errata/RHSA-2023:7842
reference_id	RHSA-2023:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7842

reference_url	https://access.redhat.com/errata/RHSA-2023:7845
reference_id	RHSA-2023:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7845

reference_url	https://access.redhat.com/errata/RHSA-2024:0148
reference_id	RHSA-2024:0148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0148

reference_url	https://access.redhat.com/errata/RHSA-2024:4271
reference_id	RHSA-2024:4271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4271

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2023-5072, GHSA-4jq9-2xhw-jpx7

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3cz-9mdx-cfhp

url VCID-jua2-s4g6-v3h2

vulnerability_id VCID-jua2-s4g6-v3h2

summary OpenJDK: incorrect handling of ZIP files with duplicate entries (8276123)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20932

reference_id

reference_type

scores

value	0.00131
scoring_system	epss
scoring_elements	0.32282
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257720
reference_id	2257720
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257720

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_id

ntap-20240201-0002

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:51:25Z/

url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_url	https://access.redhat.com/errata/RHSA-2024:0240
reference_id	RHSA-2024:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0240

reference_url	https://access.redhat.com/errata/RHSA-2024:0241
reference_id	RHSA-2024:0241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0241

reference_url	https://access.redhat.com/errata/RHSA-2024:0242
reference_id	RHSA-2024:0242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0242

reference_url	https://access.redhat.com/errata/RHSA-2024:0244
reference_id	RHSA-2024:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0244

reference_url	https://access.redhat.com/errata/RHSA-2024:0246
reference_id	RHSA-2024:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0246

reference_url	https://access.redhat.com/errata/RHSA-2024:0267
reference_id	RHSA-2024:0267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0267

reference_url	https://usn.ubuntu.com/6661-1/
reference_id	USN-6661-1
reference_type
scores
url	https://usn.ubuntu.com/6661-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2024-20932

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jua2-s4g6-v3h2

url VCID-kkk4-xqv1-gug4

vulnerability_id VCID-kkk4-xqv1-gug4

summary OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20918

reference_id

reference_type

scores

value	0.00235
scoring_system	epss
scoring_elements	0.46648
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257728
reference_id	2257728
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257728

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_id

msg00023.html

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_id

ntap-20240201-0002

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/

url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_url	https://access.redhat.com/errata/RHSA-2024:0222
reference_id	RHSA-2024:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0222

reference_url	https://access.redhat.com/errata/RHSA-2024:0223
reference_id	RHSA-2024:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0223

reference_url	https://access.redhat.com/errata/RHSA-2024:0224
reference_id	RHSA-2024:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0224

reference_url	https://access.redhat.com/errata/RHSA-2024:0225
reference_id	RHSA-2024:0225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0225

reference_url	https://access.redhat.com/errata/RHSA-2024:0226
reference_id	RHSA-2024:0226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0226

reference_url	https://access.redhat.com/errata/RHSA-2024:0228
reference_id	RHSA-2024:0228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0228

reference_url	https://access.redhat.com/errata/RHSA-2024:0230
reference_id	RHSA-2024:0230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0230

reference_url	https://access.redhat.com/errata/RHSA-2024:0231
reference_id	RHSA-2024:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0231

reference_url	https://access.redhat.com/errata/RHSA-2024:0232
reference_id	RHSA-2024:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0232

reference_url	https://access.redhat.com/errata/RHSA-2024:0233
reference_id	RHSA-2024:0233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0233

reference_url	https://access.redhat.com/errata/RHSA-2024:0234
reference_id	RHSA-2024:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0234

reference_url	https://access.redhat.com/errata/RHSA-2024:0235
reference_id	RHSA-2024:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0235

reference_url	https://access.redhat.com/errata/RHSA-2024:0237
reference_id	RHSA-2024:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0237

reference_url	https://access.redhat.com/errata/RHSA-2024:0239
reference_id	RHSA-2024:0239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0239

reference_url	https://access.redhat.com/errata/RHSA-2024:0240
reference_id	RHSA-2024:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0240

reference_url	https://access.redhat.com/errata/RHSA-2024:0241
reference_id	RHSA-2024:0241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0241

reference_url	https://access.redhat.com/errata/RHSA-2024:0242
reference_id	RHSA-2024:0242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0242

reference_url	https://access.redhat.com/errata/RHSA-2024:0244
reference_id	RHSA-2024:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0244

reference_url	https://access.redhat.com/errata/RHSA-2024:0246
reference_id	RHSA-2024:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0246

reference_url	https://access.redhat.com/errata/RHSA-2024:0247
reference_id	RHSA-2024:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0247

reference_url	https://access.redhat.com/errata/RHSA-2024:0248
reference_id	RHSA-2024:0248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0248

reference_url	https://access.redhat.com/errata/RHSA-2024:0249
reference_id	RHSA-2024:0249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0249

reference_url	https://access.redhat.com/errata/RHSA-2024:0250
reference_id	RHSA-2024:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0250

reference_url	https://access.redhat.com/errata/RHSA-2024:0265
reference_id	RHSA-2024:0265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0265

reference_url	https://access.redhat.com/errata/RHSA-2024:0266
reference_id	RHSA-2024:0266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0266

reference_url	https://access.redhat.com/errata/RHSA-2024:0267
reference_id	RHSA-2024:0267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0267

reference_url	https://access.redhat.com/errata/RHSA-2024:1481
reference_id	RHSA-2024:1481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1481

reference_url	https://access.redhat.com/errata/RHSA-2024:1482
reference_id	RHSA-2024:1482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1482

reference_url	https://usn.ubuntu.com/6660-1/
reference_id	USN-6660-1
reference_type
scores
url	https://usn.ubuntu.com/6660-1/

reference_url	https://usn.ubuntu.com/6661-1/
reference_id	USN-6661-1
reference_type
scores
url	https://usn.ubuntu.com/6661-1/

reference_url	https://usn.ubuntu.com/6662-1/
reference_id	USN-6662-1
reference_type
scores
url	https://usn.ubuntu.com/6662-1/

reference_url	https://usn.ubuntu.com/6696-1/
reference_id	USN-6696-1
reference_type
scores
url	https://usn.ubuntu.com/6696-1/

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2024-20918

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kkk4-xqv1-gug4

url VCID-t82y-9a1j-6few

vulnerability_id VCID-t82y-9a1j-6few

summary OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20919

reference_id

reference_type

scores

value	0.00156
scoring_system	epss
scoring_elements	0.3619
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257853
reference_id	2257853
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257853

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url	https://access.redhat.com/errata/RHSA-2024:0222
reference_id	RHSA-2024:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0222

reference_url	https://access.redhat.com/errata/RHSA-2024:0223
reference_id	RHSA-2024:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0223

reference_url	https://access.redhat.com/errata/RHSA-2024:0224
reference_id	RHSA-2024:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0224

reference_url	https://access.redhat.com/errata/RHSA-2024:0225
reference_id	RHSA-2024:0225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0225

reference_url	https://access.redhat.com/errata/RHSA-2024:0226
reference_id	RHSA-2024:0226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0226

reference_url	https://access.redhat.com/errata/RHSA-2024:0228
reference_id	RHSA-2024:0228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0228

reference_url	https://access.redhat.com/errata/RHSA-2024:0230
reference_id	RHSA-2024:0230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0230

reference_url	https://access.redhat.com/errata/RHSA-2024:0231
reference_id	RHSA-2024:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0231

reference_url	https://access.redhat.com/errata/RHSA-2024:0232
reference_id	RHSA-2024:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0232

reference_url	https://access.redhat.com/errata/RHSA-2024:0233
reference_id	RHSA-2024:0233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0233

reference_url	https://access.redhat.com/errata/RHSA-2024:0234
reference_id	RHSA-2024:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0234

reference_url	https://access.redhat.com/errata/RHSA-2024:0235
reference_id	RHSA-2024:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0235

reference_url	https://access.redhat.com/errata/RHSA-2024:0237
reference_id	RHSA-2024:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0237

reference_url	https://access.redhat.com/errata/RHSA-2024:0239
reference_id	RHSA-2024:0239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0239

reference_url	https://access.redhat.com/errata/RHSA-2024:0240
reference_id	RHSA-2024:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0240

reference_url	https://access.redhat.com/errata/RHSA-2024:0241
reference_id	RHSA-2024:0241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0241

reference_url	https://access.redhat.com/errata/RHSA-2024:0242
reference_id	RHSA-2024:0242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0242

reference_url	https://access.redhat.com/errata/RHSA-2024:0244
reference_id	RHSA-2024:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0244

reference_url	https://access.redhat.com/errata/RHSA-2024:0246
reference_id	RHSA-2024:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0246

reference_url	https://access.redhat.com/errata/RHSA-2024:0247
reference_id	RHSA-2024:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0247

reference_url	https://access.redhat.com/errata/RHSA-2024:0248
reference_id	RHSA-2024:0248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0248

reference_url	https://access.redhat.com/errata/RHSA-2024:0249
reference_id	RHSA-2024:0249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0249

reference_url	https://access.redhat.com/errata/RHSA-2024:0250
reference_id	RHSA-2024:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0250

reference_url	https://access.redhat.com/errata/RHSA-2024:0265
reference_id	RHSA-2024:0265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0265

reference_url	https://access.redhat.com/errata/RHSA-2024:0266
reference_id	RHSA-2024:0266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0266

reference_url	https://access.redhat.com/errata/RHSA-2024:0267
reference_id	RHSA-2024:0267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0267

reference_url	https://usn.ubuntu.com/6660-1/
reference_id	USN-6660-1
reference_type
scores
url	https://usn.ubuntu.com/6660-1/

reference_url	https://usn.ubuntu.com/6661-1/
reference_id	USN-6661-1
reference_type
scores
url	https://usn.ubuntu.com/6661-1/

reference_url	https://usn.ubuntu.com/6662-1/
reference_id	USN-6662-1
reference_type
scores
url	https://usn.ubuntu.com/6662-1/

reference_url	https://usn.ubuntu.com/6696-1/
reference_id	USN-6696-1
reference_type
scores
url	https://usn.ubuntu.com/6696-1/

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2024-20919

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t82y-9a1j-6few

url VCID-xk5g-kcya-fycf

vulnerability_id VCID-xk5g-kcya-fycf

summary OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20952

reference_id

reference_type

scores

value	0.00319
scoring_system	epss
scoring_elements	0.55353
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257837
reference_id	2257837
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257837

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_id

msg00023.html

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_id

ntap-20240201-0002

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/

url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_url	https://access.redhat.com/errata/RHSA-2024:0222
reference_id	RHSA-2024:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0222

reference_url	https://access.redhat.com/errata/RHSA-2024:0223
reference_id	RHSA-2024:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0223

reference_url	https://access.redhat.com/errata/RHSA-2024:0224
reference_id	RHSA-2024:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0224

reference_url	https://access.redhat.com/errata/RHSA-2024:0225
reference_id	RHSA-2024:0225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0225

reference_url	https://access.redhat.com/errata/RHSA-2024:0226
reference_id	RHSA-2024:0226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0226

reference_url	https://access.redhat.com/errata/RHSA-2024:0228
reference_id	RHSA-2024:0228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0228

reference_url	https://access.redhat.com/errata/RHSA-2024:0230
reference_id	RHSA-2024:0230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0230

reference_url	https://access.redhat.com/errata/RHSA-2024:0231
reference_id	RHSA-2024:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0231

reference_url	https://access.redhat.com/errata/RHSA-2024:0232
reference_id	RHSA-2024:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0232

reference_url	https://access.redhat.com/errata/RHSA-2024:0233
reference_id	RHSA-2024:0233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0233

reference_url	https://access.redhat.com/errata/RHSA-2024:0234
reference_id	RHSA-2024:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0234

reference_url	https://access.redhat.com/errata/RHSA-2024:0235
reference_id	RHSA-2024:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0235

reference_url	https://access.redhat.com/errata/RHSA-2024:0237
reference_id	RHSA-2024:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0237

reference_url	https://access.redhat.com/errata/RHSA-2024:0239
reference_id	RHSA-2024:0239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0239

reference_url	https://access.redhat.com/errata/RHSA-2024:0240
reference_id	RHSA-2024:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0240

reference_url	https://access.redhat.com/errata/RHSA-2024:0241
reference_id	RHSA-2024:0241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0241

reference_url	https://access.redhat.com/errata/RHSA-2024:0242
reference_id	RHSA-2024:0242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0242

reference_url	https://access.redhat.com/errata/RHSA-2024:0244
reference_id	RHSA-2024:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0244

reference_url	https://access.redhat.com/errata/RHSA-2024:0246
reference_id	RHSA-2024:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0246

reference_url	https://access.redhat.com/errata/RHSA-2024:0247
reference_id	RHSA-2024:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0247

reference_url	https://access.redhat.com/errata/RHSA-2024:0248
reference_id	RHSA-2024:0248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0248

reference_url	https://access.redhat.com/errata/RHSA-2024:0249
reference_id	RHSA-2024:0249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0249

reference_url	https://access.redhat.com/errata/RHSA-2024:0250
reference_id	RHSA-2024:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0250

reference_url	https://access.redhat.com/errata/RHSA-2024:0265
reference_id	RHSA-2024:0265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0265

reference_url	https://access.redhat.com/errata/RHSA-2024:0266
reference_id	RHSA-2024:0266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0266

reference_url	https://access.redhat.com/errata/RHSA-2024:0267
reference_id	RHSA-2024:0267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0267

reference_url	https://access.redhat.com/errata/RHSA-2024:1481
reference_id	RHSA-2024:1481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1481

reference_url	https://access.redhat.com/errata/RHSA-2024:1482
reference_id	RHSA-2024:1482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1482

reference_url	https://usn.ubuntu.com/6660-1/
reference_id	USN-6660-1
reference_type
scores
url	https://usn.ubuntu.com/6660-1/

reference_url	https://usn.ubuntu.com/6661-1/
reference_id	USN-6661-1
reference_type
scores
url	https://usn.ubuntu.com/6661-1/

reference_url	https://usn.ubuntu.com/6662-1/
reference_id	USN-6662-1
reference_type
scores
url	https://usn.ubuntu.com/6662-1/

reference_url	https://usn.ubuntu.com/6696-1/
reference_id	USN-6696-1
reference_type
scores
url	https://usn.ubuntu.com/6696-1/

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2024-20952

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xk5g-kcya-fycf

url VCID-y2qt-658x-27c7

vulnerability_id VCID-y2qt-658x-27c7

summary OpenJDK: logging of digital signature private keys (8316976)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20945

reference_id

reference_type

scores

value	0.00047
scoring_system	epss
scoring_elements	0.15036
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257874
reference_id	2257874
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257874

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url	https://access.redhat.com/errata/RHSA-2024:0222
reference_id	RHSA-2024:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0222

reference_url	https://access.redhat.com/errata/RHSA-2024:0223
reference_id	RHSA-2024:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0223

reference_url	https://access.redhat.com/errata/RHSA-2024:0224
reference_id	RHSA-2024:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0224

reference_url	https://access.redhat.com/errata/RHSA-2024:0225
reference_id	RHSA-2024:0225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0225

reference_url	https://access.redhat.com/errata/RHSA-2024:0226
reference_id	RHSA-2024:0226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0226

reference_url	https://access.redhat.com/errata/RHSA-2024:0228
reference_id	RHSA-2024:0228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0228

reference_url	https://access.redhat.com/errata/RHSA-2024:0230
reference_id	RHSA-2024:0230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0230

reference_url	https://access.redhat.com/errata/RHSA-2024:0231
reference_id	RHSA-2024:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0231

reference_url	https://access.redhat.com/errata/RHSA-2024:0232
reference_id	RHSA-2024:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0232

reference_url	https://access.redhat.com/errata/RHSA-2024:0233
reference_id	RHSA-2024:0233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0233

reference_url	https://access.redhat.com/errata/RHSA-2024:0234
reference_id	RHSA-2024:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0234

reference_url	https://access.redhat.com/errata/RHSA-2024:0235
reference_id	RHSA-2024:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0235

reference_url	https://access.redhat.com/errata/RHSA-2024:0237
reference_id	RHSA-2024:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0237

reference_url	https://access.redhat.com/errata/RHSA-2024:0239
reference_id	RHSA-2024:0239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0239

reference_url	https://access.redhat.com/errata/RHSA-2024:0240
reference_id	RHSA-2024:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0240

reference_url	https://access.redhat.com/errata/RHSA-2024:0241
reference_id	RHSA-2024:0241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0241

reference_url	https://access.redhat.com/errata/RHSA-2024:0242
reference_id	RHSA-2024:0242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0242

reference_url	https://access.redhat.com/errata/RHSA-2024:0244
reference_id	RHSA-2024:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0244

reference_url	https://access.redhat.com/errata/RHSA-2024:0246
reference_id	RHSA-2024:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0246

reference_url	https://access.redhat.com/errata/RHSA-2024:0247
reference_id	RHSA-2024:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0247

reference_url	https://access.redhat.com/errata/RHSA-2024:0248
reference_id	RHSA-2024:0248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0248

reference_url	https://access.redhat.com/errata/RHSA-2024:0249
reference_id	RHSA-2024:0249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0249

reference_url	https://access.redhat.com/errata/RHSA-2024:0250
reference_id	RHSA-2024:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0250

reference_url	https://access.redhat.com/errata/RHSA-2024:0265
reference_id	RHSA-2024:0265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0265

reference_url	https://access.redhat.com/errata/RHSA-2024:0266
reference_id	RHSA-2024:0266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0266

reference_url	https://access.redhat.com/errata/RHSA-2024:0267
reference_id	RHSA-2024:0267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0267

reference_url	https://access.redhat.com/errata/RHSA-2024:1481
reference_id	RHSA-2024:1481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1481

reference_url	https://access.redhat.com/errata/RHSA-2024:1482
reference_id	RHSA-2024:1482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1482

reference_url	https://usn.ubuntu.com/6660-1/
reference_id	USN-6660-1
reference_type
scores
url	https://usn.ubuntu.com/6660-1/

reference_url	https://usn.ubuntu.com/6661-1/
reference_id	USN-6661-1
reference_type
scores
url	https://usn.ubuntu.com/6661-1/

reference_url	https://usn.ubuntu.com/6662-1/
reference_id	USN-6662-1
reference_type
scores
url	https://usn.ubuntu.com/6662-1/

reference_url	https://usn.ubuntu.com/6696-1/
reference_id	USN-6696-1
reference_type
scores
url	https://usn.ubuntu.com/6696-1/

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

aliases CVE-2024-20945

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y2qt-658x-27c7

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

Package Instance