Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/448136?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/448136?format=api", "purl": "pkg:apk/alpine/openjdk8@8.345.01-r0?arch=armv7&distroversion=v3.20&reponame=community", "type": "apk", "namespace": "alpine", "name": "openjdk8", "version": "8.345.01-r0", "qualifiers": { "arch": "armv7", "distroversion": "v3.20", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "8.362.09-r0", "latest_non_vulnerable_version": "8.432.06-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79485?format=api", "vulnerability_id": "VCID-1d6t-ndfc-m7hg", "summary": "OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21443.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.1802", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18274", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18326", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18029", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18111", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18168", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18174", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18126", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18078", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075793", "reference_id": "2075793", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075793" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4959", "reference_id": "RHSA-2022:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5837", "reference_id": "RHSA-2022:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5837" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448136?format=api", "purl": "pkg:apk/alpine/openjdk8@8.345.01-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.345.01-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2022-21443" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1d6t-ndfc-m7hg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60300?format=api", "vulnerability_id": "VCID-47ae-xdqr-6qgb", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.6268", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62713", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62677", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62728", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62745", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62763", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62752", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62769", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108540", "reference_id": "2108540", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5681", "reference_id": "RHSA-2022:5681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5683", "reference_id": "RHSA-2022:5683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5684", "reference_id": "RHSA-2022:5684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5685", "reference_id": "RHSA-2022:5685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5687", "reference_id": "RHSA-2022:5687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5695", "reference_id": "RHSA-2022:5695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5696", "reference_id": "RHSA-2022:5696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5697", "reference_id": "RHSA-2022:5697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5698", "reference_id": "RHSA-2022:5698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5700", "reference_id": "RHSA-2022:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5701", "reference_id": "RHSA-2022:5701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5709", "reference_id": "RHSA-2022:5709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5726", "reference_id": "RHSA-2022:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5736", "reference_id": "RHSA-2022:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5753", "reference_id": "RHSA-2022:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5754", "reference_id": "RHSA-2022:5754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5755", "reference_id": "RHSA-2022:5755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5756", "reference_id": "RHSA-2022:5756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5757", "reference_id": "RHSA-2022:5757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5758", "reference_id": "RHSA-2022:5758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5758" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448136?format=api", "purl": "pkg:apk/alpine/openjdk8@8.345.01-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.345.01-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2022-21540" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-47ae-xdqr-6qgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79488?format=api", "vulnerability_id": "VCID-a95g-84vs-xbav", "summary": "OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21476.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21476.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40218", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40224", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40186", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40168", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40815", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40842", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40767", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40817", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40824", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010597", "reference_id": "1010597", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010597" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075842", "reference_id": "2075842", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075842" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448136?format=api", "purl": "pkg:apk/alpine/openjdk8@8.345.01-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.345.01-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2022-21476" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a95g-84vs-xbav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79484?format=api", "vulnerability_id": "VCID-hx4c-96gx-2fbq", "summary": "OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21426.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21426.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19371", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19476", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19231", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19268", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19326", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19374", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19524", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1924", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19319", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075788", "reference_id": "2075788", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075788" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3136", "reference_id": "RHSA-2023:3136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3136" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448136?format=api", "purl": "pkg:apk/alpine/openjdk8@8.345.01-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.345.01-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2022-21426" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hx4c-96gx-2fbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53969?format=api", "vulnerability_id": "VCID-rfs8-njaq-qkc8", "summary": "Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets\nThe Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.\n\nA fix for this issue was published in September 2022 as part of an anticipated 2.7.3 release.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91216", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91212", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91206", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91199", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91186", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91215", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91239", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.08992", "scoring_system": "epss", "scoring_elements": "0.92592", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08992", "scoring_system": "epss", "scoring_elements": "0.92585", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21" }, { "reference_url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw" }, { "reference_url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8" }, { "reference_url": "https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169" }, { "reference_url": "https://security.gentoo.org/glsa/202401-25", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202401-25" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220729-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220729-0009" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5188", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2022/dsa-5188" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5192", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2022/dsa-5192" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2022/dsa-5256" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://xalan.apache.org", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://xalan.apache.org" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/19/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/19/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/20/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/20/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/20/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/20/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/10/18/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/10/18/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/04/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/04/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/07/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860", "reference_id": "1015860", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", "reference_id": "2108554", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "reference_url": "https://github.com/advisories/GHSA-9339-86wc-4qgf", "reference_id": "GHSA-9339-86wc-4qgf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9339-86wc-4qgf" }, { "reference_url": "https://security.gentoo.org/glsa/202405-16", "reference_id": "GLSA-202405-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5681", "reference_id": "RHSA-2022:5681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5683", "reference_id": "RHSA-2022:5683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5684", "reference_id": "RHSA-2022:5684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5685", "reference_id": "RHSA-2022:5685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5687", "reference_id": "RHSA-2022:5687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5695", "reference_id": "RHSA-2022:5695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5696", "reference_id": "RHSA-2022:5696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5697", "reference_id": "RHSA-2022:5697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5698", "reference_id": "RHSA-2022:5698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5700", "reference_id": "RHSA-2022:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5701", "reference_id": "RHSA-2022:5701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5709", "reference_id": "RHSA-2022:5709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5726", "reference_id": "RHSA-2022:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5736", "reference_id": "RHSA-2022:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5753", "reference_id": "RHSA-2022:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5754", "reference_id": "RHSA-2022:5754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5755", "reference_id": "RHSA-2022:5755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5756", "reference_id": "RHSA-2022:5756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5757", "reference_id": "RHSA-2022:5757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5758", "reference_id": "RHSA-2022:5758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3708", "reference_id": "RHSA-2024:3708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3708" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448136?format=api", "purl": "pkg:apk/alpine/openjdk8@8.345.01-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.345.01-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2022-34169", "GHSA-9339-86wc-4qgf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rfs8-njaq-qkc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60301?format=api", "vulnerability_id": "VCID-t4r8-ujpb-5kdk", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60711", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60804", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60741", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60706", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60755", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.6077", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60795", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60781", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60761", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108543", "reference_id": "2108543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108543" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/", "reference_id": "H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/", "reference_id": "I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/", "reference_id": "JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/", "reference_id": "KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/", "reference_id": "L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220729-0009/", "reference_id": "ntap-20220729-0009", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220729-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5681", "reference_id": "RHSA-2022:5681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5683", "reference_id": "RHSA-2022:5683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5684", "reference_id": "RHSA-2022:5684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5685", "reference_id": "RHSA-2022:5685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5687", "reference_id": "RHSA-2022:5687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5695", "reference_id": "RHSA-2022:5695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5696", "reference_id": "RHSA-2022:5696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5697", "reference_id": "RHSA-2022:5697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5698", "reference_id": "RHSA-2022:5698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5700", "reference_id": "RHSA-2022:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5701", "reference_id": "RHSA-2022:5701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5709", "reference_id": "RHSA-2022:5709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5726", "reference_id": "RHSA-2022:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5736", "reference_id": "RHSA-2022:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5753", "reference_id": "RHSA-2022:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5754", "reference_id": "RHSA-2022:5754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5755", "reference_id": "RHSA-2022:5755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5756", "reference_id": "RHSA-2022:5756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5757", "reference_id": "RHSA-2022:5757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5758", "reference_id": "RHSA-2022:5758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5758" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/", "reference_id": "YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448136?format=api", "purl": "pkg:apk/alpine/openjdk8@8.345.01-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.345.01-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2022-21541" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4r8-ujpb-5kdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79489?format=api", "vulnerability_id": "VCID-y5qu-j3wt-wuej", "summary": "OpenJDK: URI parsing inconsistencies (JNDI, 8278972)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21496.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21496.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29176", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29303", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29203", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29352", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29164", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29228", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29269", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29275", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29229", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075849", "reference_id": "2075849", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075849" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4959", "reference_id": "RHSA-2022:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5837", "reference_id": "RHSA-2022:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5837" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448136?format=api", "purl": "pkg:apk/alpine/openjdk8@8.345.01-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.345.01-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2022-21496" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y5qu-j3wt-wuej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79487?format=api", "vulnerability_id": "VCID-zh9v-47ue-p7ep", "summary": "OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21434.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21434.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29078", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2911", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29014", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2899", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2904", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29084", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29161", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28972", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29036", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075836", "reference_id": "2075836", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075836" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4959", "reference_id": "RHSA-2022:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5837", "reference_id": "RHSA-2022:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5837" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/448136?format=api", "purl": "pkg:apk/alpine/openjdk8@8.345.01-r0?arch=armv7&distroversion=v3.20&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.345.01-r0%3Farch=armv7&distroversion=v3.20&reponame=community" } ], "aliases": [ "CVE-2022-21434" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zh9v-47ue-p7ep" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.345.01-r0%3Farch=armv7&distroversion=v3.20&reponame=community" }