Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community

Type apk

Namespace alpine

Name openjdk17

Version 17.0.10_p7-r0

Qualifiers

arch	x86_64
distroversion	v3.17
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 17.0.11_p9-r0

Latest_non_vulnerable_version 17.0.11_p9-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-8cup-qnc8-wudx

vulnerability_id VCID-8cup-qnc8-wudx

summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20952

reference_id

reference_type

scores

value	0.00324
scoring_system	epss
scoring_elements	0.55503
published_at	2026-04-16T12:55:00Z

value	0.00324
scoring_system	epss
scoring_elements	0.55441
published_at	2026-04-02T12:55:00Z

value	0.00324
scoring_system	epss
scoring_elements	0.55465
published_at	2026-04-04T12:55:00Z

value	0.00324
scoring_system	epss
scoring_elements	0.55444
published_at	2026-04-07T12:55:00Z

value	0.00324
scoring_system	epss
scoring_elements	0.55495
published_at	2026-04-09T12:55:00Z

value	0.00324
scoring_system	epss
scoring_elements	0.55505
published_at	2026-04-11T12:55:00Z

value	0.00324
scoring_system	epss
scoring_elements	0.55483
published_at	2026-04-12T12:55:00Z

value	0.00324
scoring_system	epss
scoring_elements	0.55466
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20952

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257837
reference_id	2257837
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257837

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_id

msg00023.html

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_id

ntap-20240201-0002

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/

url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_url	https://access.redhat.com/errata/RHSA-2024:0222
reference_id	RHSA-2024:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0222

reference_url	https://access.redhat.com/errata/RHSA-2024:0223
reference_id	RHSA-2024:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0223

reference_url	https://access.redhat.com/errata/RHSA-2024:0224
reference_id	RHSA-2024:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0224

reference_url	https://access.redhat.com/errata/RHSA-2024:0225
reference_id	RHSA-2024:0225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0225

reference_url	https://access.redhat.com/errata/RHSA-2024:0226
reference_id	RHSA-2024:0226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0226

reference_url	https://access.redhat.com/errata/RHSA-2024:0228
reference_id	RHSA-2024:0228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0228

reference_url	https://access.redhat.com/errata/RHSA-2024:0230
reference_id	RHSA-2024:0230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0230

reference_url	https://access.redhat.com/errata/RHSA-2024:0231
reference_id	RHSA-2024:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0231

reference_url	https://access.redhat.com/errata/RHSA-2024:0232
reference_id	RHSA-2024:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0232

reference_url	https://access.redhat.com/errata/RHSA-2024:0233
reference_id	RHSA-2024:0233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0233

reference_url	https://access.redhat.com/errata/RHSA-2024:0234
reference_id	RHSA-2024:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0234

reference_url	https://access.redhat.com/errata/RHSA-2024:0235
reference_id	RHSA-2024:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0235

reference_url	https://access.redhat.com/errata/RHSA-2024:0237
reference_id	RHSA-2024:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0237

reference_url	https://access.redhat.com/errata/RHSA-2024:0239
reference_id	RHSA-2024:0239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0239

reference_url	https://access.redhat.com/errata/RHSA-2024:0240
reference_id	RHSA-2024:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0240

reference_url	https://access.redhat.com/errata/RHSA-2024:0241
reference_id	RHSA-2024:0241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0241

reference_url	https://access.redhat.com/errata/RHSA-2024:0242
reference_id	RHSA-2024:0242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0242

reference_url	https://access.redhat.com/errata/RHSA-2024:0244
reference_id	RHSA-2024:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0244

reference_url	https://access.redhat.com/errata/RHSA-2024:0246
reference_id	RHSA-2024:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0246

reference_url	https://access.redhat.com/errata/RHSA-2024:0247
reference_id	RHSA-2024:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0247

reference_url	https://access.redhat.com/errata/RHSA-2024:0248
reference_id	RHSA-2024:0248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0248

reference_url	https://access.redhat.com/errata/RHSA-2024:0249
reference_id	RHSA-2024:0249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0249

reference_url	https://access.redhat.com/errata/RHSA-2024:0250
reference_id	RHSA-2024:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0250

reference_url	https://access.redhat.com/errata/RHSA-2024:0265
reference_id	RHSA-2024:0265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0265

reference_url	https://access.redhat.com/errata/RHSA-2024:0266
reference_id	RHSA-2024:0266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0266

reference_url	https://access.redhat.com/errata/RHSA-2024:0267
reference_id	RHSA-2024:0267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0267

reference_url	https://access.redhat.com/errata/RHSA-2024:1481
reference_id	RHSA-2024:1481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1481

reference_url	https://access.redhat.com/errata/RHSA-2024:1482
reference_id	RHSA-2024:1482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1482

reference_url	https://usn.ubuntu.com/6660-1/
reference_id	USN-6660-1
reference_type
scores
url	https://usn.ubuntu.com/6660-1/

reference_url	https://usn.ubuntu.com/6661-1/
reference_id	USN-6661-1
reference_type
scores
url	https://usn.ubuntu.com/6661-1/

reference_url	https://usn.ubuntu.com/6662-1/
reference_id	USN-6662-1
reference_type
scores
url	https://usn.ubuntu.com/6662-1/

reference_url	https://usn.ubuntu.com/6696-1/
reference_id	USN-6696-1
reference_type
scores
url	https://usn.ubuntu.com/6696-1/

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

aliases CVE-2024-20952

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8cup-qnc8-wudx

url VCID-d6gm-thtx-bqb7

vulnerability_id VCID-d6gm-thtx-bqb7

summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20932

reference_id

reference_type

scores

value	0.00172
scoring_system	epss
scoring_elements	0.38506
published_at	2026-04-16T12:55:00Z

value	0.00172
scoring_system	epss
scoring_elements	0.38498
published_at	2026-04-08T12:55:00Z

value	0.00172
scoring_system	epss
scoring_elements	0.38507
published_at	2026-04-09T12:55:00Z

value	0.00172
scoring_system	epss
scoring_elements	0.38522
published_at	2026-04-11T12:55:00Z

value	0.00172
scoring_system	epss
scoring_elements	0.38484
published_at	2026-04-12T12:55:00Z

value	0.00172
scoring_system	epss
scoring_elements	0.38459
published_at	2026-04-13T12:55:00Z

value	0.00172
scoring_system	epss
scoring_elements	0.3856
published_at	2026-04-02T12:55:00Z

value	0.00172
scoring_system	epss
scoring_elements	0.38584
published_at	2026-04-04T12:55:00Z

value	0.00172
scoring_system	epss
scoring_elements	0.38447
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257720
reference_id	2257720
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257720

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_id

ntap-20240201-0002

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:51:25Z/

url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_url	https://access.redhat.com/errata/RHSA-2024:0240
reference_id	RHSA-2024:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0240

reference_url	https://access.redhat.com/errata/RHSA-2024:0241
reference_id	RHSA-2024:0241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0241

reference_url	https://access.redhat.com/errata/RHSA-2024:0242
reference_id	RHSA-2024:0242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0242

reference_url	https://access.redhat.com/errata/RHSA-2024:0244
reference_id	RHSA-2024:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0244

reference_url	https://access.redhat.com/errata/RHSA-2024:0246
reference_id	RHSA-2024:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0246

reference_url	https://access.redhat.com/errata/RHSA-2024:0267
reference_id	RHSA-2024:0267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0267

reference_url	https://usn.ubuntu.com/6661-1/
reference_id	USN-6661-1
reference_type
scores
url	https://usn.ubuntu.com/6661-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

aliases CVE-2024-20932

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d6gm-thtx-bqb7

url VCID-fau4-ajny-nfbd

vulnerability_id VCID-fau4-ajny-nfbd

summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20921

reference_id

reference_type

scores

value	0.00187
scoring_system	epss
scoring_elements	0.40584
published_at	2026-04-16T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40574
published_at	2026-04-09T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40556
published_at	2026-04-12T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40536
published_at	2026-04-13T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40564
published_at	2026-04-02T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40592
published_at	2026-04-11T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40513
published_at	2026-04-07T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40563
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257859
reference_id	2257859
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257859

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url	https://access.redhat.com/errata/RHSA-2024:0222
reference_id	RHSA-2024:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0222

reference_url	https://access.redhat.com/errata/RHSA-2024:0223
reference_id	RHSA-2024:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0223

reference_url	https://access.redhat.com/errata/RHSA-2024:0224
reference_id	RHSA-2024:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0224

reference_url	https://access.redhat.com/errata/RHSA-2024:0225
reference_id	RHSA-2024:0225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0225

reference_url	https://access.redhat.com/errata/RHSA-2024:0226
reference_id	RHSA-2024:0226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0226

reference_url	https://access.redhat.com/errata/RHSA-2024:0228
reference_id	RHSA-2024:0228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0228

reference_url	https://access.redhat.com/errata/RHSA-2024:0230
reference_id	RHSA-2024:0230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0230

reference_url	https://access.redhat.com/errata/RHSA-2024:0231
reference_id	RHSA-2024:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0231

reference_url	https://access.redhat.com/errata/RHSA-2024:0232
reference_id	RHSA-2024:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0232

reference_url	https://access.redhat.com/errata/RHSA-2024:0233
reference_id	RHSA-2024:0233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0233

reference_url	https://access.redhat.com/errata/RHSA-2024:0234
reference_id	RHSA-2024:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0234

reference_url	https://access.redhat.com/errata/RHSA-2024:0235
reference_id	RHSA-2024:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0235

reference_url	https://access.redhat.com/errata/RHSA-2024:0237
reference_id	RHSA-2024:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0237

reference_url	https://access.redhat.com/errata/RHSA-2024:0239
reference_id	RHSA-2024:0239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0239

reference_url	https://access.redhat.com/errata/RHSA-2024:0240
reference_id	RHSA-2024:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0240

reference_url	https://access.redhat.com/errata/RHSA-2024:0241
reference_id	RHSA-2024:0241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0241

reference_url	https://access.redhat.com/errata/RHSA-2024:0242
reference_id	RHSA-2024:0242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0242

reference_url	https://access.redhat.com/errata/RHSA-2024:0244
reference_id	RHSA-2024:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0244

reference_url	https://access.redhat.com/errata/RHSA-2024:0246
reference_id	RHSA-2024:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0246

reference_url	https://access.redhat.com/errata/RHSA-2024:0247
reference_id	RHSA-2024:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0247

reference_url	https://access.redhat.com/errata/RHSA-2024:0248
reference_id	RHSA-2024:0248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0248

reference_url	https://access.redhat.com/errata/RHSA-2024:0249
reference_id	RHSA-2024:0249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0249

reference_url	https://access.redhat.com/errata/RHSA-2024:0250
reference_id	RHSA-2024:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0250

reference_url	https://access.redhat.com/errata/RHSA-2024:0265
reference_id	RHSA-2024:0265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0265

reference_url	https://access.redhat.com/errata/RHSA-2024:0266
reference_id	RHSA-2024:0266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0266

reference_url	https://access.redhat.com/errata/RHSA-2024:0267
reference_id	RHSA-2024:0267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0267

reference_url	https://access.redhat.com/errata/RHSA-2024:1481
reference_id	RHSA-2024:1481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1481

reference_url	https://access.redhat.com/errata/RHSA-2024:1482
reference_id	RHSA-2024:1482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1482

reference_url	https://usn.ubuntu.com/6660-1/
reference_id	USN-6660-1
reference_type
scores
url	https://usn.ubuntu.com/6660-1/

reference_url	https://usn.ubuntu.com/6661-1/
reference_id	USN-6661-1
reference_type
scores
url	https://usn.ubuntu.com/6661-1/

reference_url	https://usn.ubuntu.com/6662-1/
reference_id	USN-6662-1
reference_type
scores
url	https://usn.ubuntu.com/6662-1/

reference_url	https://usn.ubuntu.com/6696-1/
reference_id	USN-6696-1
reference_type
scores
url	https://usn.ubuntu.com/6696-1/

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

aliases CVE-2024-20921

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fau4-ajny-nfbd

url VCID-fwk5-wqvn-4qaz

vulnerability_id VCID-fwk5-wqvn-4qaz

summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20926

reference_id

reference_type

scores

value	0.00211
scoring_system	epss
scoring_elements	0.43714
published_at	2026-04-16T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.4369
published_at	2026-04-04T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.43625
published_at	2026-04-07T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.43676
published_at	2026-04-08T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.4368
published_at	2026-04-09T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.437
published_at	2026-04-11T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.43668
published_at	2026-04-12T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.43651
published_at	2026-04-13T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.43665
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257850
reference_id	2257850
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257850

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_id

msg00023.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_id

ntap-20240201-0002

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/

url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_url	https://access.redhat.com/errata/RHSA-2024:0222
reference_id	RHSA-2024:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0222

reference_url	https://access.redhat.com/errata/RHSA-2024:0223
reference_id	RHSA-2024:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0223

reference_url	https://access.redhat.com/errata/RHSA-2024:0224
reference_id	RHSA-2024:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0224

reference_url	https://access.redhat.com/errata/RHSA-2024:0225
reference_id	RHSA-2024:0225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0225

reference_url	https://access.redhat.com/errata/RHSA-2024:0226
reference_id	RHSA-2024:0226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0226

reference_url	https://access.redhat.com/errata/RHSA-2024:0228
reference_id	RHSA-2024:0228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0228

reference_url	https://access.redhat.com/errata/RHSA-2024:0230
reference_id	RHSA-2024:0230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0230

reference_url	https://access.redhat.com/errata/RHSA-2024:0231
reference_id	RHSA-2024:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0231

reference_url	https://access.redhat.com/errata/RHSA-2024:0232
reference_id	RHSA-2024:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0232

reference_url	https://access.redhat.com/errata/RHSA-2024:0233
reference_id	RHSA-2024:0233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0233

reference_url	https://access.redhat.com/errata/RHSA-2024:0234
reference_id	RHSA-2024:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0234

reference_url	https://access.redhat.com/errata/RHSA-2024:0235
reference_id	RHSA-2024:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0235

reference_url	https://access.redhat.com/errata/RHSA-2024:0237
reference_id	RHSA-2024:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0237

reference_url	https://access.redhat.com/errata/RHSA-2024:0239
reference_id	RHSA-2024:0239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0239

reference_url	https://access.redhat.com/errata/RHSA-2024:0265
reference_id	RHSA-2024:0265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0265

reference_url	https://access.redhat.com/errata/RHSA-2024:0266
reference_id	RHSA-2024:0266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0266

reference_url	https://access.redhat.com/errata/RHSA-2024:1481
reference_id	RHSA-2024:1481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1481

reference_url	https://access.redhat.com/errata/RHSA-2024:1482
reference_id	RHSA-2024:1482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1482

reference_url	https://usn.ubuntu.com/6660-1/
reference_id	USN-6660-1
reference_type
scores
url	https://usn.ubuntu.com/6660-1/

reference_url	https://usn.ubuntu.com/6696-1/
reference_id	USN-6696-1
reference_type
scores
url	https://usn.ubuntu.com/6696-1/

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

aliases CVE-2024-20926

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fwk5-wqvn-4qaz

url VCID-gfzy-mhnp-dqdg

vulnerability_id VCID-gfzy-mhnp-dqdg

summary Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20955

reference_id

reference_type

scores

value	0.00508
scoring_system	epss
scoring_elements	0.66316
published_at	2026-04-16T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66326
published_at	2026-04-11T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66313
published_at	2026-04-12T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66281
published_at	2026-04-13T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66248
published_at	2026-04-02T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66275
published_at	2026-04-04T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66245
published_at	2026-04-07T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66292
published_at	2026-04-08T12:55:00Z

value	0.00508
scoring_system	epss
scoring_elements	0.66306
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20955

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

aliases CVE-2024-20955

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfzy-mhnp-dqdg

url VCID-jztz-7cuw-t7ep

vulnerability_id VCID-jztz-7cuw-t7ep

summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20945

reference_id

reference_type

scores

value	0.0004
scoring_system	epss
scoring_elements	0.1208
published_at	2026-04-16T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12267
published_at	2026-04-11T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12229
published_at	2026-04-12T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12193
published_at	2026-04-13T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12285
published_at	2026-04-02T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12331
published_at	2026-04-04T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.1213
published_at	2026-04-07T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.12211
published_at	2026-04-08T12:55:00Z

value	0.0004
scoring_system	epss
scoring_elements	0.1226
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257874
reference_id	2257874
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257874

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url	https://access.redhat.com/errata/RHSA-2024:0222
reference_id	RHSA-2024:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0222

reference_url	https://access.redhat.com/errata/RHSA-2024:0223
reference_id	RHSA-2024:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0223

reference_url	https://access.redhat.com/errata/RHSA-2024:0224
reference_id	RHSA-2024:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0224

reference_url	https://access.redhat.com/errata/RHSA-2024:0225
reference_id	RHSA-2024:0225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0225

reference_url	https://access.redhat.com/errata/RHSA-2024:0226
reference_id	RHSA-2024:0226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0226

reference_url	https://access.redhat.com/errata/RHSA-2024:0228
reference_id	RHSA-2024:0228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0228

reference_url	https://access.redhat.com/errata/RHSA-2024:0230
reference_id	RHSA-2024:0230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0230

reference_url	https://access.redhat.com/errata/RHSA-2024:0231
reference_id	RHSA-2024:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0231

reference_url	https://access.redhat.com/errata/RHSA-2024:0232
reference_id	RHSA-2024:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0232

reference_url	https://access.redhat.com/errata/RHSA-2024:0233
reference_id	RHSA-2024:0233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0233

reference_url	https://access.redhat.com/errata/RHSA-2024:0234
reference_id	RHSA-2024:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0234

reference_url	https://access.redhat.com/errata/RHSA-2024:0235
reference_id	RHSA-2024:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0235

reference_url	https://access.redhat.com/errata/RHSA-2024:0237
reference_id	RHSA-2024:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0237

reference_url	https://access.redhat.com/errata/RHSA-2024:0239
reference_id	RHSA-2024:0239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0239

reference_url	https://access.redhat.com/errata/RHSA-2024:0240
reference_id	RHSA-2024:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0240

reference_url	https://access.redhat.com/errata/RHSA-2024:0241
reference_id	RHSA-2024:0241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0241

reference_url	https://access.redhat.com/errata/RHSA-2024:0242
reference_id	RHSA-2024:0242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0242

reference_url	https://access.redhat.com/errata/RHSA-2024:0244
reference_id	RHSA-2024:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0244

reference_url	https://access.redhat.com/errata/RHSA-2024:0246
reference_id	RHSA-2024:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0246

reference_url	https://access.redhat.com/errata/RHSA-2024:0247
reference_id	RHSA-2024:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0247

reference_url	https://access.redhat.com/errata/RHSA-2024:0248
reference_id	RHSA-2024:0248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0248

reference_url	https://access.redhat.com/errata/RHSA-2024:0249
reference_id	RHSA-2024:0249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0249

reference_url	https://access.redhat.com/errata/RHSA-2024:0250
reference_id	RHSA-2024:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0250

reference_url	https://access.redhat.com/errata/RHSA-2024:0265
reference_id	RHSA-2024:0265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0265

reference_url	https://access.redhat.com/errata/RHSA-2024:0266
reference_id	RHSA-2024:0266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0266

reference_url	https://access.redhat.com/errata/RHSA-2024:0267
reference_id	RHSA-2024:0267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0267

reference_url	https://access.redhat.com/errata/RHSA-2024:1481
reference_id	RHSA-2024:1481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1481

reference_url	https://access.redhat.com/errata/RHSA-2024:1482
reference_id	RHSA-2024:1482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1482

reference_url	https://usn.ubuntu.com/6660-1/
reference_id	USN-6660-1
reference_type
scores
url	https://usn.ubuntu.com/6660-1/

reference_url	https://usn.ubuntu.com/6661-1/
reference_id	USN-6661-1
reference_type
scores
url	https://usn.ubuntu.com/6661-1/

reference_url	https://usn.ubuntu.com/6662-1/
reference_id	USN-6662-1
reference_type
scores
url	https://usn.ubuntu.com/6662-1/

reference_url	https://usn.ubuntu.com/6696-1/
reference_id	USN-6696-1
reference_type
scores
url	https://usn.ubuntu.com/6696-1/

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

aliases CVE-2024-20945

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jztz-7cuw-t7ep

url VCID-nr6u-aysf-7kgk

vulnerability_id VCID-nr6u-aysf-7kgk

summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20919

reference_id

reference_type

scores

value	0.0017
scoring_system	epss
scoring_elements	0.38242
published_at	2026-04-16T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38255
published_at	2026-04-11T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.3822
published_at	2026-04-12T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38196
published_at	2026-04-13T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38286
published_at	2026-04-02T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38309
published_at	2026-04-04T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38178
published_at	2026-04-07T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38228
published_at	2026-04-08T12:55:00Z

value	0.0017
scoring_system	epss
scoring_elements	0.38237
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257853
reference_id	2257853
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257853

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url	https://access.redhat.com/errata/RHSA-2024:0222
reference_id	RHSA-2024:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0222

reference_url	https://access.redhat.com/errata/RHSA-2024:0223
reference_id	RHSA-2024:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0223

reference_url	https://access.redhat.com/errata/RHSA-2024:0224
reference_id	RHSA-2024:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0224

reference_url	https://access.redhat.com/errata/RHSA-2024:0225
reference_id	RHSA-2024:0225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0225

reference_url	https://access.redhat.com/errata/RHSA-2024:0226
reference_id	RHSA-2024:0226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0226

reference_url	https://access.redhat.com/errata/RHSA-2024:0228
reference_id	RHSA-2024:0228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0228

reference_url	https://access.redhat.com/errata/RHSA-2024:0230
reference_id	RHSA-2024:0230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0230

reference_url	https://access.redhat.com/errata/RHSA-2024:0231
reference_id	RHSA-2024:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0231

reference_url	https://access.redhat.com/errata/RHSA-2024:0232
reference_id	RHSA-2024:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0232

reference_url	https://access.redhat.com/errata/RHSA-2024:0233
reference_id	RHSA-2024:0233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0233

reference_url	https://access.redhat.com/errata/RHSA-2024:0234
reference_id	RHSA-2024:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0234

reference_url	https://access.redhat.com/errata/RHSA-2024:0235
reference_id	RHSA-2024:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0235

reference_url	https://access.redhat.com/errata/RHSA-2024:0237
reference_id	RHSA-2024:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0237

reference_url	https://access.redhat.com/errata/RHSA-2024:0239
reference_id	RHSA-2024:0239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0239

reference_url	https://access.redhat.com/errata/RHSA-2024:0240
reference_id	RHSA-2024:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0240

reference_url	https://access.redhat.com/errata/RHSA-2024:0241
reference_id	RHSA-2024:0241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0241

reference_url	https://access.redhat.com/errata/RHSA-2024:0242
reference_id	RHSA-2024:0242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0242

reference_url	https://access.redhat.com/errata/RHSA-2024:0244
reference_id	RHSA-2024:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0244

reference_url	https://access.redhat.com/errata/RHSA-2024:0246
reference_id	RHSA-2024:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0246

reference_url	https://access.redhat.com/errata/RHSA-2024:0247
reference_id	RHSA-2024:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0247

reference_url	https://access.redhat.com/errata/RHSA-2024:0248
reference_id	RHSA-2024:0248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0248

reference_url	https://access.redhat.com/errata/RHSA-2024:0249
reference_id	RHSA-2024:0249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0249

reference_url	https://access.redhat.com/errata/RHSA-2024:0250
reference_id	RHSA-2024:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0250

reference_url	https://access.redhat.com/errata/RHSA-2024:0265
reference_id	RHSA-2024:0265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0265

reference_url	https://access.redhat.com/errata/RHSA-2024:0266
reference_id	RHSA-2024:0266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0266

reference_url	https://access.redhat.com/errata/RHSA-2024:0267
reference_id	RHSA-2024:0267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0267

reference_url	https://usn.ubuntu.com/6660-1/
reference_id	USN-6660-1
reference_type
scores
url	https://usn.ubuntu.com/6660-1/

reference_url	https://usn.ubuntu.com/6661-1/
reference_id	USN-6661-1
reference_type
scores
url	https://usn.ubuntu.com/6661-1/

reference_url	https://usn.ubuntu.com/6662-1/
reference_id	USN-6662-1
reference_type
scores
url	https://usn.ubuntu.com/6662-1/

reference_url	https://usn.ubuntu.com/6696-1/
reference_id	USN-6696-1
reference_type
scores
url	https://usn.ubuntu.com/6696-1/

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

aliases CVE-2024-20919

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nr6u-aysf-7kgk

url VCID-tp9p-km7u-wbd5

vulnerability_id VCID-tp9p-km7u-wbd5

summary

Java: DoS Vulnerability in JSON-JAVA
A denial of service vulnerability in JSON-Java was discovered by [ClusterFuzz](https://google.github.io/clusterfuzz/).  A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. There are two issues: (1) the parser bug can be used to circumvent a check that is supposed to prevent the key in a JSON object from itself being another JSON object; (2) if a key does end up being a JSON object then it gets converted into a string, using `\` to escape special characters, including `\` itself. So by nesting JSON objects, with a key that is a JSON object that has a key that is a JSON object, and so on, we can get an exponential number of `\` characters in the escaped string.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5072.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5072.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-5072

reference_id

reference_type

scores

value	0.00741
scoring_system	epss
scoring_elements	0.7298
published_at	2026-04-16T12:55:00Z

value	0.00741
scoring_system	epss
scoring_elements	0.7294
published_at	2026-04-13T12:55:00Z

value	0.00741
scoring_system	epss
scoring_elements	0.72946
published_at	2026-04-12T12:55:00Z

value	0.00741
scoring_system	epss
scoring_elements	0.72963
published_at	2026-04-11T12:55:00Z

value	0.00741
scoring_system	epss
scoring_elements	0.72939
published_at	2026-04-09T12:55:00Z

value	0.00741
scoring_system	epss
scoring_elements	0.72925
published_at	2026-04-08T12:55:00Z

value	0.00741
scoring_system	epss
scoring_elements	0.72887
published_at	2026-04-07T12:55:00Z

value	0.00741
scoring_system	epss
scoring_elements	0.72912
published_at	2026-04-04T12:55:00Z

value	0.00741
scoring_system	epss
scoring_elements	0.72892
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-5072

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072

reference_url

https://github.com/stleary/JSON-java

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/stleary/JSON-java

reference_url

https://github.com/stleary/JSON-java/commit/60662e2f8384d3449822a3a1179bfe8de67b55bb

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/stleary/JSON-java/commit/60662e2f8384d3449822a3a1179bfe8de67b55bb

reference_url

https://github.com/stleary/JSON-java/issues/758

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/

url

https://github.com/stleary/JSON-java/issues/758

reference_url

https://github.com/stleary/JSON-java/issues/771

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/

url

https://github.com/stleary/JSON-java/issues/771

reference_url

https://github.com/stleary/JSON-java/pull/759

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/stleary/JSON-java/pull/759

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053882
reference_id	1053882
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053882

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053883
reference_id	1053883
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053883

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053884
reference_id	1053884
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053884

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2246417
reference_id	2246417
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2246417

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-5072

reference_id

CVE-2023-5072

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-5072

reference_url

https://github.com/advisories/GHSA-4jq9-2xhw-jpx7

reference_id

GHSA-4jq9-2xhw-jpx7

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-4jq9-2xhw-jpx7

reference_url

https://github.com/google/security-research/security/advisories/GHSA-4jq9-2xhw-jpx7

reference_id

GHSA-4jq9-2xhw-jpx7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/google/security-research/security/advisories/GHSA-4jq9-2xhw-jpx7

reference_url

https://security.netapp.com/advisory/ntap-20240621-0007/

reference_id

ntap-20240621-0007

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/

url

https://security.netapp.com/advisory/ntap-20240621-0007/

reference_url	https://access.redhat.com/errata/RHSA-2023:7617
reference_id	RHSA-2023:7617
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7617

reference_url	https://access.redhat.com/errata/RHSA-2023:7678
reference_id	RHSA-2023:7678
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7678

reference_url	https://access.redhat.com/errata/RHSA-2023:7842
reference_id	RHSA-2023:7842
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7842

reference_url	https://access.redhat.com/errata/RHSA-2023:7845
reference_id	RHSA-2023:7845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7845

reference_url	https://access.redhat.com/errata/RHSA-2024:0148
reference_id	RHSA-2024:0148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0148

reference_url	https://access.redhat.com/errata/RHSA-2024:4271
reference_id	RHSA-2024:4271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4271

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

aliases CVE-2023-5072, GHSA-4jq9-2xhw-jpx7

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tp9p-km7u-wbd5

url VCID-wn4r-ugaa-5ydb

vulnerability_id VCID-wn4r-ugaa-5ydb

summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-20918

reference_id

reference_type

scores

value	0.00238
scoring_system	epss
scoring_elements	0.46999
published_at	2026-04-16T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.4694
published_at	2026-04-04T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46888
published_at	2026-04-07T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46942
published_at	2026-04-08T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46939
published_at	2026-04-09T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46963
published_at	2026-04-11T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46936
published_at	2026-04-12T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46944
published_at	2026-04-13T12:55:00Z

value	0.00238
scoring_system	epss
scoring_elements	0.46923
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2257728
reference_id	2257728
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2257728

reference_url	https://security.gentoo.org/glsa/202412-07
reference_id	GLSA-202412-07
reference_type
scores
url	https://security.gentoo.org/glsa/202412-07

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_id

msg00023.html

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html

reference_url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_id

ntap-20240201-0002

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/

url

https://security.netapp.com/advisory/ntap-20240201-0002/

reference_url	https://access.redhat.com/errata/RHSA-2024:0222
reference_id	RHSA-2024:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0222

reference_url	https://access.redhat.com/errata/RHSA-2024:0223
reference_id	RHSA-2024:0223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0223

reference_url	https://access.redhat.com/errata/RHSA-2024:0224
reference_id	RHSA-2024:0224
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0224

reference_url	https://access.redhat.com/errata/RHSA-2024:0225
reference_id	RHSA-2024:0225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0225

reference_url	https://access.redhat.com/errata/RHSA-2024:0226
reference_id	RHSA-2024:0226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0226

reference_url	https://access.redhat.com/errata/RHSA-2024:0228
reference_id	RHSA-2024:0228
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0228

reference_url	https://access.redhat.com/errata/RHSA-2024:0230
reference_id	RHSA-2024:0230
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0230

reference_url	https://access.redhat.com/errata/RHSA-2024:0231
reference_id	RHSA-2024:0231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0231

reference_url	https://access.redhat.com/errata/RHSA-2024:0232
reference_id	RHSA-2024:0232
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0232

reference_url	https://access.redhat.com/errata/RHSA-2024:0233
reference_id	RHSA-2024:0233
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0233

reference_url	https://access.redhat.com/errata/RHSA-2024:0234
reference_id	RHSA-2024:0234
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0234

reference_url	https://access.redhat.com/errata/RHSA-2024:0235
reference_id	RHSA-2024:0235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0235

reference_url	https://access.redhat.com/errata/RHSA-2024:0237
reference_id	RHSA-2024:0237
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0237

reference_url	https://access.redhat.com/errata/RHSA-2024:0239
reference_id	RHSA-2024:0239
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0239

reference_url	https://access.redhat.com/errata/RHSA-2024:0240
reference_id	RHSA-2024:0240
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0240

reference_url	https://access.redhat.com/errata/RHSA-2024:0241
reference_id	RHSA-2024:0241
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0241

reference_url	https://access.redhat.com/errata/RHSA-2024:0242
reference_id	RHSA-2024:0242
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0242

reference_url	https://access.redhat.com/errata/RHSA-2024:0244
reference_id	RHSA-2024:0244
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0244

reference_url	https://access.redhat.com/errata/RHSA-2024:0246
reference_id	RHSA-2024:0246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0246

reference_url	https://access.redhat.com/errata/RHSA-2024:0247
reference_id	RHSA-2024:0247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0247

reference_url	https://access.redhat.com/errata/RHSA-2024:0248
reference_id	RHSA-2024:0248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0248

reference_url	https://access.redhat.com/errata/RHSA-2024:0249
reference_id	RHSA-2024:0249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0249

reference_url	https://access.redhat.com/errata/RHSA-2024:0250
reference_id	RHSA-2024:0250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0250

reference_url	https://access.redhat.com/errata/RHSA-2024:0265
reference_id	RHSA-2024:0265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0265

reference_url	https://access.redhat.com/errata/RHSA-2024:0266
reference_id	RHSA-2024:0266
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0266

reference_url	https://access.redhat.com/errata/RHSA-2024:0267
reference_id	RHSA-2024:0267
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0267

reference_url	https://access.redhat.com/errata/RHSA-2024:1481
reference_id	RHSA-2024:1481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1481

reference_url	https://access.redhat.com/errata/RHSA-2024:1482
reference_id	RHSA-2024:1482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1482

reference_url	https://usn.ubuntu.com/6660-1/
reference_id	USN-6660-1
reference_type
scores
url	https://usn.ubuntu.com/6660-1/

reference_url	https://usn.ubuntu.com/6661-1/
reference_id	USN-6661-1
reference_type
scores
url	https://usn.ubuntu.com/6661-1/

reference_url	https://usn.ubuntu.com/6662-1/
reference_id	USN-6662-1
reference_type
scores
url	https://usn.ubuntu.com/6662-1/

reference_url	https://usn.ubuntu.com/6696-1/
reference_id	USN-6696-1
reference_type
scores
url	https://usn.ubuntu.com/6696-1/

reference_url	https://usn.ubuntu.com/7096-1/
reference_id	USN-7096-1
reference_type
scores
url	https://usn.ubuntu.com/7096-1/

fixed_packages

url	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

aliases CVE-2024-20918

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wn4r-ugaa-5ydb

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

Package Instance