Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/425041?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/425041?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.15_p10-r0?arch=x86_64&distroversion=v3.21&reponame=community", "type": "apk", "namespace": "alpine", "name": "openjdk11", "version": "11.0.15_p10-r0", "qualifiers": { "arch": "x86_64", "distroversion": "v3.21", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "11.0.16_p8-r0", "latest_non_vulnerable_version": "11.0.30_p7-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79485?format=api", "vulnerability_id": "VCID-1d6t-ndfc-m7hg", "summary": "OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21443.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18078", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18274", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18326", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18029", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18111", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18168", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18174", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18126", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075793", "reference_id": "2075793", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075793" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4959", "reference_id": "RHSA-2022:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5837", "reference_id": "RHSA-2022:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5837" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425041?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.15_p10-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.15_p10-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2022-21443" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1d6t-ndfc-m7hg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13058?format=api", "vulnerability_id": "VCID-5cf7-va9h-h3gy", "summary": "Improper Certificate Validation\nAccepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js does not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22783", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22952", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22996", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22789", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22863", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22916", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22936", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22899", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22843", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1429694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1429694" }, { "reference_url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220325-0007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220325-0007/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2022/dsa-5170" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177", "reference_id": "1004177", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839", "reference_id": "2040839", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040839" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531", "reference_id": "CVE-2021-44531", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44531" }, { "reference_url": "https://security.gentoo.org/glsa/202405-29", "reference_id": "GLSA-202405-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4914", "reference_id": "RHSA-2022:4914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7044", "reference_id": "RHSA-2022:7044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7830", "reference_id": "RHSA-2022:7830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9073", "reference_id": "RHSA-2022:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1742", "reference_id": "RHSA-2023:1742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425041?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.15_p10-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.15_p10-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-44531" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5cf7-va9h-h3gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79488?format=api", "vulnerability_id": "VCID-a95g-84vs-xbav", "summary": "OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21476.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21476.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40168", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40224", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40186", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40824", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40815", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40842", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40767", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40817", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010597", "reference_id": "1010597", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010597" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075842", "reference_id": "2075842", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075842" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425041?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.15_p10-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.15_p10-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2022-21476" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a95g-84vs-xbav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62473?format=api", "vulnerability_id": "VCID-e18p-c3m9-2qgy", "summary": "Multiple vulnerabilities have been discovered in Node.js.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44532.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44532", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32731", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32862", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32897", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32718", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32765", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32792", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32794", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32756", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3273", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44532" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177", "reference_id": "1004177", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846", "reference_id": "2040846", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040846" }, { "reference_url": "https://security.gentoo.org/glsa/202405-29", "reference_id": "GLSA-202405-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4914", "reference_id": "RHSA-2022:4914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7044", "reference_id": "RHSA-2022:7044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7830", "reference_id": "RHSA-2022:7830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9073", "reference_id": "RHSA-2022:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1742", "reference_id": "RHSA-2023:1742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425041?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.15_p10-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.15_p10-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-44532" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e18p-c3m9-2qgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13325?format=api", "vulnerability_id": "VCID-gsbn-6t86-7kf9", "summary": "Loop with Unreachable Exit Condition ('Infinite Loop')\nThe BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters", "references": [ { "reference_url": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0778.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06432", "scoring_system": "epss", "scoring_elements": "0.91023", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07109", "scoring_system": "epss", "scoring_elements": "0.91513", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07109", "scoring_system": "epss", "scoring_elements": "0.91526", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07109", "scoring_system": "epss", "scoring_elements": "0.91532", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07394", "scoring_system": "epss", "scoring_elements": "0.91693", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07394", "scoring_system": "epss", "scoring_elements": "0.91701", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07807", "scoring_system": "epss", "scoring_elements": "0.91978", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08117", "scoring_system": "epss", "scoring_elements": "0.92165", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08117", "scoring_system": "epss", "scoring_elements": "0.92166", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0778" }, { "reference_url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4160", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4160" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/May/33", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2022/May/33" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/May/35", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2022/May/35" }, { "reference_url": "http://seclists.org/fulldisclosure/2022/May/38", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://seclists.org/fulldisclosure/2022/May/38" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=380085481c64de749a6dd25cdf0bcf4360b30f83" }, { "reference_url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a466912611aa6cbdf550cd10601390e587451246" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2022-0014.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220321-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220321-0002" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220321-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220321-0002/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0005", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0005" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://support.apple.com/kb/HT213255", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/kb/HT213255" }, { "reference_url": "https://support.apple.com/kb/HT213256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/kb/HT213256" }, { "reference_url": "https://support.apple.com/kb/HT213257", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://support.apple.com/kb/HT213257" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5103", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2022/dsa-5103" }, { "reference_url": "https://www.openssl.org/news/secadv/20220315.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.openssl.org/news/secadv/20220315.txt" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://www.tenable.com/security/tns-2022-06", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2022-06" }, { "reference_url": "https://www.tenable.com/security/tns-2022-07", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2022-07" }, { "reference_url": "https://www.tenable.com/security/tns-2022-08", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2022-08" }, { "reference_url": "https://www.tenable.com/security/tns-2022-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/tns-2022-09" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202", "reference_id": "2062202", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2062202" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778", "reference_id": "CVE-2022-0778", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0778" }, { "reference_url": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx", "reference_id": "GHSA-x3mh-jvjw-3xwx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x3mh-jvjw-3xwx" }, { "reference_url": "https://security.gentoo.org/glsa/202210-02", "reference_id": "GLSA-202210-02", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202210-02" }, { "reference_url": "https://security.gentoo.org/glsa/202405-29", "reference_id": "GLSA-202405-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1065", "reference_id": "RHSA-2022:1065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1065" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1066", "reference_id": "RHSA-2022:1066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1071", "reference_id": "RHSA-2022:1071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1073", "reference_id": "RHSA-2022:1073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1076", "reference_id": "RHSA-2022:1076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1077", "reference_id": "RHSA-2022:1077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1078", "reference_id": "RHSA-2022:1078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1082", "reference_id": "RHSA-2022:1082", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1082" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1091", "reference_id": "RHSA-2022:1091", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1091" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1112", "reference_id": "RHSA-2022:1112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1263", "reference_id": "RHSA-2022:1263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1389", "reference_id": "RHSA-2022:1389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1390", "reference_id": "RHSA-2022:1390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1390" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1519", "reference_id": "RHSA-2022:1519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1520", "reference_id": "RHSA-2022:1520", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4896", "reference_id": "RHSA-2022:4896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4899", "reference_id": "RHSA-2022:4899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5326", "reference_id": "RHSA-2022:5326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5326" }, { "reference_url": "https://usn.ubuntu.com/5328-1/", "reference_id": "USN-5328-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5328-1/" }, { "reference_url": "https://usn.ubuntu.com/5328-2/", "reference_id": "USN-5328-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5328-2/" }, { "reference_url": "https://usn.ubuntu.com/6457-1/", "reference_id": "USN-6457-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6457-1/" }, { "reference_url": "https://usn.ubuntu.com/7894-1/", "reference_id": "USN-7894-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7894-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425041?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.15_p10-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.15_p10-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2022-0778", "GHSA-x3mh-jvjw-3xwx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gsbn-6t86-7kf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79484?format=api", "vulnerability_id": "VCID-hx4c-96gx-2fbq", "summary": "OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21426.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21426.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19319", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19476", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19268", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19326", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19374", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19371", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19524", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1924", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075788", "reference_id": "2075788", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075788" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3136", "reference_id": "RHSA-2023:3136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3136" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425041?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.15_p10-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.15_p10-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2022-21426" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hx4c-96gx-2fbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/13041?format=api", "vulnerability_id": "VCID-m5ae-uc68-d3g2", "summary": "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')\nThis advisory has been marked as a false positive.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21824.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66171", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0066", "scoring_system": "epss", "scoring_elements": "0.71033", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0066", "scoring_system": "epss", "scoring_elements": "0.71076", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0066", "scoring_system": "epss", "scoring_elements": "0.71088", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0066", "scoring_system": "epss", "scoring_elements": "0.71111", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0066", "scoring_system": "epss", "scoring_elements": "0.71096", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0066", "scoring_system": "epss", "scoring_elements": "0.7108", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0066", "scoring_system": "epss", "scoring_elements": "0.71058", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://hackerone.com/reports/1431042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://hackerone.com/reports/1431042" }, { "reference_url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220325-0007/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220325-0007/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220729-0004/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20220729-0004/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2022/dsa-5170" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177", "reference_id": "1004177", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862", "reference_id": "2040862", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040862" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824", "reference_id": "CVE-2022-21824", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21824" }, { "reference_url": "https://security.gentoo.org/glsa/202405-29", "reference_id": "GLSA-202405-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4914", "reference_id": "RHSA-2022:4914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7044", "reference_id": "RHSA-2022:7044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7830", "reference_id": "RHSA-2022:7830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9073", "reference_id": "RHSA-2022:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1742", "reference_id": "RHSA-2023:1742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425041?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.15_p10-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.15_p10-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2022-21824" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m5ae-uc68-d3g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62474?format=api", "vulnerability_id": "VCID-ms5y-gp7v-2qay", "summary": "Multiple vulnerabilities have been discovered in Node.js.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44533.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.61846", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.6192", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.6195", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.61969", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.61987", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.62008", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.61997", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.61977", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-44533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177", "reference_id": "1004177", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004177" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856", "reference_id": "2040856", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2040856" }, { "reference_url": "https://security.gentoo.org/glsa/202405-29", "reference_id": "GLSA-202405-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4914", "reference_id": "RHSA-2022:4914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7044", "reference_id": "RHSA-2022:7044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7830", "reference_id": "RHSA-2022:7830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9073", "reference_id": "RHSA-2022:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1742", "reference_id": "RHSA-2023:1742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425041?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.15_p10-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.15_p10-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2021-44533" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ms5y-gp7v-2qay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79489?format=api", "vulnerability_id": "VCID-y5qu-j3wt-wuej", "summary": "OpenJDK: URI parsing inconsistencies (JNDI, 8278972)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21496.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21496.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29229", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29303", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29176", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29352", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29164", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29228", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29269", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29275", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075849", "reference_id": "2075849", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075849" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4959", "reference_id": "RHSA-2022:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5837", "reference_id": "RHSA-2022:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5837" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425041?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.15_p10-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.15_p10-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2022-21496" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y5qu-j3wt-wuej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79487?format=api", "vulnerability_id": "VCID-zh9v-47ue-p7ep", "summary": "OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21434.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21434.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29036", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2911", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2899", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2904", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29084", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29078", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29161", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28972", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075836", "reference_id": "2075836", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075836" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4959", "reference_id": "RHSA-2022:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5837", "reference_id": "RHSA-2022:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5837" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/425041?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.15_p10-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.15_p10-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2022-21434" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zh9v-47ue-p7ep" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.15_p10-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" }