Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/85283?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "type": "ebuild", "namespace": "dev-java", "name": "openjdk", "version": "17.0.7_p7", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "17.0.12_p7", "latest_non_vulnerable_version": "17.0.12_p7", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34432?format=api", "vulnerability_id": "VCID-3tav-ffar-hfhb", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30703", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30566", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30561", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30653", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30658", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30613", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.3075", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160475", "reference_id": "2160475", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160475" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0190", "reference_id": "RHSA-2023:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0191", "reference_id": "RHSA-2023:0191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0191" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0192", "reference_id": "RHSA-2023:0192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0193", "reference_id": "RHSA-2023:0193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0194", "reference_id": "RHSA-2023:0194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0195", "reference_id": "RHSA-2023:0195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0196", "reference_id": "RHSA-2023:0196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0197", "reference_id": "RHSA-2023:0197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0198", "reference_id": "RHSA-2023:0198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0199", "reference_id": "RHSA-2023:0199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0200", "reference_id": "RHSA-2023:0200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0201", "reference_id": "RHSA-2023:0201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0202", "reference_id": "RHSA-2023:0202", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0203", "reference_id": "RHSA-2023:0203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0204", "reference_id": "RHSA-2023:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0205", "reference_id": "RHSA-2023:0205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0206", "reference_id": "RHSA-2023:0206", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0207", "reference_id": "RHSA-2023:0207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0208", "reference_id": "RHSA-2023:0208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0209", "reference_id": "RHSA-2023:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0210", "reference_id": "RHSA-2023:0210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0352", "reference_id": "RHSA-2023:0352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0353", "reference_id": "RHSA-2023:0353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0354", "reference_id": "RHSA-2023:0354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0387", "reference_id": "RHSA-2023:0387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0387" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0388", "reference_id": "RHSA-2023:0388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0389", "reference_id": "RHSA-2023:0389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3136", "reference_id": "RHSA-2023:3136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3136" }, { "reference_url": "https://usn.ubuntu.com/5897-1/", "reference_id": "USN-5897-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5897-1/" }, { "reference_url": "https://usn.ubuntu.com/5898-1/", "reference_id": "USN-5898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5898-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2023-21843" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3tav-ffar-hfhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60302?format=api", "vulnerability_id": "VCID-44t4-tppq-ybb3", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21549.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21549.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45479", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45501", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45446", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.455", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45521", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45491", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45496", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108547", "reference_id": "2108547", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5726", "reference_id": "RHSA-2022:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5736", "reference_id": "RHSA-2022:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5757", "reference_id": "RHSA-2022:5757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5758", "reference_id": "RHSA-2022:5758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5758" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2022-21549" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44t4-tppq-ybb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60300?format=api", "vulnerability_id": "VCID-47ae-xdqr-6qgb", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.6268", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62713", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62677", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62728", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62745", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62763", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62752", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108540", "reference_id": "2108540", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5681", "reference_id": "RHSA-2022:5681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5683", "reference_id": "RHSA-2022:5683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5684", "reference_id": "RHSA-2022:5684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5685", "reference_id": "RHSA-2022:5685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5687", "reference_id": "RHSA-2022:5687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5695", "reference_id": "RHSA-2022:5695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5696", "reference_id": "RHSA-2022:5696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5697", "reference_id": "RHSA-2022:5697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5698", "reference_id": "RHSA-2022:5698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5700", "reference_id": "RHSA-2022:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5701", "reference_id": "RHSA-2022:5701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5709", "reference_id": "RHSA-2022:5709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5726", "reference_id": "RHSA-2022:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5736", "reference_id": "RHSA-2022:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5753", "reference_id": "RHSA-2022:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5754", "reference_id": "RHSA-2022:5754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5755", "reference_id": "RHSA-2022:5755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5756", "reference_id": "RHSA-2022:5756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5757", "reference_id": "RHSA-2022:5757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5758", "reference_id": "RHSA-2022:5758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5758" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2022-21540" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-47ae-xdqr-6qgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53482?format=api", "vulnerability_id": "VCID-4ke8-hhhy-efbk", "summary": "Apache Commons BCEL vulnerable to out-of-bounds write\nApache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected. Update to Apache Commons BCEL 6.6.0.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42920.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42920.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42920", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03373", "scoring_system": "epss", "scoring_elements": "0.8737", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03373", "scoring_system": "epss", "scoring_elements": "0.87379", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03373", "scoring_system": "epss", "scoring_elements": "0.87374", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03373", "scoring_system": "epss", "scoring_elements": "0.87326", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03373", "scoring_system": "epss", "scoring_elements": "0.87342", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03373", "scoring_system": "epss", "scoring_elements": "0.8736", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03373", "scoring_system": "epss", "scoring_elements": "0.87367", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-42920" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42920" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/commons-bcel", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/commons-bcel" }, { "reference_url": "https://github.com/apache/commons-bcel/pull/147", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/commons-bcel/pull/147" }, { "reference_url": "https://issues.apache.org/jira/browse/BCEL-363", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/BCEL-363" }, { "reference_url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42920" }, { "reference_url": "https://security.gentoo.org/glsa/202401-25", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202401-25" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/07/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707", "reference_id": "2142707", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2142707" }, { "reference_url": "https://github.com/advisories/GHSA-97xg-phpr-rg8q", "reference_id": "GHSA-97xg-phpr-rg8q", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-97xg-phpr-rg8q" }, { "reference_url": "https://security.gentoo.org/glsa/202405-16", "reference_id": "GLSA-202405-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8958", "reference_id": "RHSA-2022:8958", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8959", "reference_id": "RHSA-2022:8959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0004", "reference_id": "RHSA-2023:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0005", "reference_id": "RHSA-2023:0005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0470", "reference_id": "RHSA-2023:0470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0471", "reference_id": "RHSA-2023:0471", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0471" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0934", "reference_id": "RHSA-2023:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4983", "reference_id": "RHSA-2023:4983", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4983" }, { "reference_url": "https://usn.ubuntu.com/7208-1/", "reference_id": "USN-7208-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7208-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2022-42920", "GHSA-97xg-phpr-rg8q" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ke8-hhhy-efbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34431?format=api", "vulnerability_id": "VCID-a3xk-3wya-s3gm", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23206", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.2325", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23039", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23112", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23165", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23185", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23147", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23089", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160421", "reference_id": "2160421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160421" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0190", "reference_id": "RHSA-2023:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0191", "reference_id": "RHSA-2023:0191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0191" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0192", "reference_id": "RHSA-2023:0192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0193", "reference_id": "RHSA-2023:0193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0194", "reference_id": "RHSA-2023:0194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0195", "reference_id": "RHSA-2023:0195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0196", "reference_id": "RHSA-2023:0196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0197", "reference_id": "RHSA-2023:0197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0198", "reference_id": "RHSA-2023:0198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0199", "reference_id": "RHSA-2023:0199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0200", "reference_id": "RHSA-2023:0200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0201", "reference_id": "RHSA-2023:0201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0202", "reference_id": "RHSA-2023:0202", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0352", "reference_id": "RHSA-2023:0352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0353", "reference_id": "RHSA-2023:0353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0388", "reference_id": "RHSA-2023:0388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0389", "reference_id": "RHSA-2023:0389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0389" }, { "reference_url": "https://usn.ubuntu.com/5897-1/", "reference_id": "USN-5897-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5897-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2023-21835" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a3xk-3wya-s3gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34430?format=api", "vulnerability_id": "VCID-ecr4-rqud-gyhf", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21830.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21830.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21830", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3205", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3209", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31913", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31964", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31993", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31997", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31957", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31923", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21830" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160490", "reference_id": "2160490", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160490" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0203", "reference_id": "RHSA-2023:0203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0204", "reference_id": "RHSA-2023:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0205", "reference_id": "RHSA-2023:0205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0206", "reference_id": "RHSA-2023:0206", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0207", "reference_id": "RHSA-2023:0207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0208", "reference_id": "RHSA-2023:0208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0209", "reference_id": "RHSA-2023:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0210", "reference_id": "RHSA-2023:0210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0354", "reference_id": "RHSA-2023:0354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0387", "reference_id": "RHSA-2023:0387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0387" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3136", "reference_id": "RHSA-2023:3136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3136" }, { "reference_url": "https://usn.ubuntu.com/5898-1/", "reference_id": "USN-5898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5898-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2023-21830" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecr4-rqud-gyhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34425?format=api", "vulnerability_id": "VCID-fwv1-sj5y-xygd", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21619.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21619.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49517", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49544", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49496", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49551", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49546", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49563", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49535", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49537", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133745", "reference_id": "2133745", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133745" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6999", "reference_id": "RHSA-2022:6999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7000", "reference_id": "RHSA-2022:7000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7001", "reference_id": "RHSA-2022:7001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7002", "reference_id": "RHSA-2022:7002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7003", "reference_id": "RHSA-2022:7003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7004", "reference_id": "RHSA-2022:7004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7005", "reference_id": "RHSA-2022:7005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7006", "reference_id": "RHSA-2022:7006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7007", "reference_id": "RHSA-2022:7007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7008", "reference_id": "RHSA-2022:7008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7009", "reference_id": "RHSA-2022:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7010", "reference_id": "RHSA-2022:7010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7011", "reference_id": "RHSA-2022:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7012", "reference_id": "RHSA-2022:7012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7013", "reference_id": "RHSA-2022:7013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7049", "reference_id": "RHSA-2022:7049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7050", "reference_id": "RHSA-2022:7050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7051", "reference_id": "RHSA-2022:7051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7052", "reference_id": "RHSA-2022:7052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7053", "reference_id": "RHSA-2022:7053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7054", "reference_id": "RHSA-2022:7054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8880", "reference_id": "RHSA-2022:8880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0128", "reference_id": "RHSA-2023:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0128" }, { "reference_url": "https://usn.ubuntu.com/5719-1/", "reference_id": "USN-5719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5719-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2022-21619" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fwv1-sj5y-xygd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34426?format=api", "vulnerability_id": "VCID-h2w2-8e43-j3g6", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21624.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42206", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42234", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42175", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42226", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42257", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.4222", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42192", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133765", "reference_id": "2133765", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133765" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6999", "reference_id": "RHSA-2022:6999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7000", "reference_id": "RHSA-2022:7000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7001", "reference_id": "RHSA-2022:7001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7002", "reference_id": "RHSA-2022:7002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7003", "reference_id": "RHSA-2022:7003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7004", "reference_id": "RHSA-2022:7004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7005", "reference_id": "RHSA-2022:7005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7006", "reference_id": "RHSA-2022:7006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7007", "reference_id": "RHSA-2022:7007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7008", "reference_id": "RHSA-2022:7008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7009", "reference_id": "RHSA-2022:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7010", "reference_id": "RHSA-2022:7010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7011", "reference_id": "RHSA-2022:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7012", "reference_id": "RHSA-2022:7012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7013", "reference_id": "RHSA-2022:7013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7049", "reference_id": "RHSA-2022:7049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7050", "reference_id": "RHSA-2022:7050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7051", "reference_id": "RHSA-2022:7051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7052", "reference_id": "RHSA-2022:7052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7053", "reference_id": "RHSA-2022:7053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7054", "reference_id": "RHSA-2022:7054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8880", "reference_id": "RHSA-2022:8880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0128", "reference_id": "RHSA-2023:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0128" }, { "reference_url": "https://usn.ubuntu.com/5719-1/", "reference_id": "USN-5719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5719-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2022-21624" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h2w2-8e43-j3g6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34429?format=api", "vulnerability_id": "VCID-jm9f-9y4b-qye7", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39399.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39399.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52035", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52061", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52027", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52081", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52077", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52129", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52113", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52098", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133776", "reference_id": "2133776", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133776" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6999", "reference_id": "RHSA-2022:6999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7000", "reference_id": "RHSA-2022:7000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7001", "reference_id": "RHSA-2022:7001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7008", "reference_id": "RHSA-2022:7008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7009", "reference_id": "RHSA-2022:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7010", "reference_id": "RHSA-2022:7010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7011", "reference_id": "RHSA-2022:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7012", "reference_id": "RHSA-2022:7012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7013", "reference_id": "RHSA-2022:7013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7051", "reference_id": "RHSA-2022:7051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7052", "reference_id": "RHSA-2022:7052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7053", "reference_id": "RHSA-2022:7053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7054", "reference_id": "RHSA-2022:7054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7054" }, { "reference_url": "https://usn.ubuntu.com/5719-1/", "reference_id": "USN-5719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5719-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2022-39399" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jm9f-9y4b-qye7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34424?format=api", "vulnerability_id": "VCID-m3e1-5tfw-uyhv", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52551", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52577", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52544", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52595", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52589", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52639", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52623", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52609", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133817", "reference_id": "2133817", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133817" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6999", "reference_id": "RHSA-2022:6999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7000", "reference_id": "RHSA-2022:7000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7001", "reference_id": "RHSA-2022:7001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7008", "reference_id": "RHSA-2022:7008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7009", "reference_id": "RHSA-2022:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7010", "reference_id": "RHSA-2022:7010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7011", "reference_id": "RHSA-2022:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7012", "reference_id": "RHSA-2022:7012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7013", "reference_id": "RHSA-2022:7013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7051", "reference_id": "RHSA-2022:7051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7052", "reference_id": "RHSA-2022:7052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7053", "reference_id": "RHSA-2022:7053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7054", "reference_id": "RHSA-2022:7054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7054" }, { "reference_url": "https://usn.ubuntu.com/5719-1/", "reference_id": "USN-5719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5719-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2022-21618" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m3e1-5tfw-uyhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53969?format=api", "vulnerability_id": "VCID-rfs8-njaq-qkc8", "summary": "Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets\nThe Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.\n\nA fix for this issue was published in September 2022 as part of an anticipated 2.7.3 release.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91212", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91206", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91199", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91186", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91216", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91215", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08992", "scoring_system": "epss", "scoring_elements": "0.92592", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08992", "scoring_system": "epss", "scoring_elements": "0.92585", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21" }, { "reference_url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw" }, { "reference_url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8" }, { "reference_url": "https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169" }, { "reference_url": "https://security.gentoo.org/glsa/202401-25", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202401-25" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220729-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220729-0009" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5188", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2022/dsa-5188" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5192", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2022/dsa-5192" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2022/dsa-5256" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://xalan.apache.org", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://xalan.apache.org" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/19/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/19/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/20/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/20/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/20/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/20/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/10/18/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/10/18/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/04/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/04/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/07/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860", "reference_id": "1015860", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", "reference_id": "2108554", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "reference_url": "https://github.com/advisories/GHSA-9339-86wc-4qgf", "reference_id": "GHSA-9339-86wc-4qgf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9339-86wc-4qgf" }, { "reference_url": "https://security.gentoo.org/glsa/202405-16", "reference_id": "GLSA-202405-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5681", "reference_id": "RHSA-2022:5681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5683", "reference_id": "RHSA-2022:5683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5684", "reference_id": "RHSA-2022:5684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5685", "reference_id": "RHSA-2022:5685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5687", "reference_id": "RHSA-2022:5687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5695", "reference_id": "RHSA-2022:5695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5696", "reference_id": "RHSA-2022:5696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5697", "reference_id": "RHSA-2022:5697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5698", "reference_id": "RHSA-2022:5698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5700", "reference_id": "RHSA-2022:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5701", "reference_id": "RHSA-2022:5701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5709", "reference_id": "RHSA-2022:5709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5726", "reference_id": "RHSA-2022:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5736", "reference_id": "RHSA-2022:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5753", "reference_id": "RHSA-2022:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5754", "reference_id": "RHSA-2022:5754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5755", "reference_id": "RHSA-2022:5755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5756", "reference_id": "RHSA-2022:5756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5757", "reference_id": "RHSA-2022:5757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5758", "reference_id": "RHSA-2022:5758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3708", "reference_id": "RHSA-2024:3708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3708" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2022-34169", "GHSA-9339-86wc-4qgf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rfs8-njaq-qkc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60301?format=api", "vulnerability_id": "VCID-t4r8-ujpb-5kdk", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60711", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60761", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60741", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60706", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60755", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.6077", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60795", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60781", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108543", "reference_id": "2108543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108543" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/", "reference_id": "H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/", "reference_id": "I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/", "reference_id": "JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/", "reference_id": "KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/", "reference_id": "L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220729-0009/", "reference_id": "ntap-20220729-0009", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220729-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5681", "reference_id": "RHSA-2022:5681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5683", "reference_id": "RHSA-2022:5683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5684", "reference_id": "RHSA-2022:5684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5685", "reference_id": "RHSA-2022:5685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5687", "reference_id": "RHSA-2022:5687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5695", "reference_id": "RHSA-2022:5695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5696", "reference_id": "RHSA-2022:5696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5697", "reference_id": "RHSA-2022:5697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5698", "reference_id": "RHSA-2022:5698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5700", "reference_id": "RHSA-2022:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5701", "reference_id": "RHSA-2022:5701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5709", "reference_id": "RHSA-2022:5709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5726", "reference_id": "RHSA-2022:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5736", "reference_id": "RHSA-2022:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5753", "reference_id": "RHSA-2022:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5754", "reference_id": "RHSA-2022:5754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5755", "reference_id": "RHSA-2022:5755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5756", "reference_id": "RHSA-2022:5756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5757", "reference_id": "RHSA-2022:5757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5758", "reference_id": "RHSA-2022:5758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5758" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/", "reference_id": "YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2022-21541" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4r8-ujpb-5kdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34427?format=api", "vulnerability_id": "VCID-t5sp-ea5b-f7af", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21626.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21626.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47467", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47488", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47437", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47492", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.4749", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47511", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47487", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47494", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133753", "reference_id": "2133753", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133753" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6999", "reference_id": "RHSA-2022:6999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7000", "reference_id": "RHSA-2022:7000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7001", "reference_id": "RHSA-2022:7001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7002", "reference_id": "RHSA-2022:7002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7003", "reference_id": "RHSA-2022:7003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7004", "reference_id": "RHSA-2022:7004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7005", "reference_id": "RHSA-2022:7005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7006", "reference_id": "RHSA-2022:7006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7007", "reference_id": "RHSA-2022:7007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7008", "reference_id": "RHSA-2022:7008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7009", "reference_id": "RHSA-2022:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7010", "reference_id": "RHSA-2022:7010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7011", "reference_id": "RHSA-2022:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7012", "reference_id": "RHSA-2022:7012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7013", "reference_id": "RHSA-2022:7013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7049", "reference_id": "RHSA-2022:7049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7050", "reference_id": "RHSA-2022:7050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7051", "reference_id": "RHSA-2022:7051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7052", "reference_id": "RHSA-2022:7052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7053", "reference_id": "RHSA-2022:7053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7054", "reference_id": "RHSA-2022:7054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8880", "reference_id": "RHSA-2022:8880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0128", "reference_id": "RHSA-2023:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0128" }, { "reference_url": "https://usn.ubuntu.com/5719-1/", "reference_id": "USN-5719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5719-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2022-21626" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t5sp-ea5b-f7af" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34428?format=api", "vulnerability_id": "VCID-um54-6ggz-gqf9", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21628.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21628.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48077", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48048", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48101", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48096", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48119", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48094", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133769", "reference_id": "2133769", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133769" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/", "reference_id": "37QDWJBGEPP65X43NXQTXQ7KASLUHON6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/", "reference_id": "3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/", "reference_id": "3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/", "reference_id": "EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/", "reference_id": "HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221028-0012/", "reference_id": "ntap-20221028-0012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221028-0012/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/", "reference_id": "PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6999", "reference_id": "RHSA-2022:6999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7000", "reference_id": "RHSA-2022:7000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7001", "reference_id": "RHSA-2022:7001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7002", "reference_id": "RHSA-2022:7002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7003", "reference_id": "RHSA-2022:7003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7004", "reference_id": "RHSA-2022:7004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7005", "reference_id": "RHSA-2022:7005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7006", "reference_id": "RHSA-2022:7006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7007", "reference_id": "RHSA-2022:7007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7008", "reference_id": "RHSA-2022:7008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7009", "reference_id": "RHSA-2022:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7010", "reference_id": "RHSA-2022:7010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7011", "reference_id": "RHSA-2022:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7012", "reference_id": "RHSA-2022:7012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7013", "reference_id": "RHSA-2022:7013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7049", "reference_id": "RHSA-2022:7049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7050", "reference_id": "RHSA-2022:7050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7051", "reference_id": "RHSA-2022:7051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7052", "reference_id": "RHSA-2022:7052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7053", "reference_id": "RHSA-2022:7053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7054", "reference_id": "RHSA-2022:7054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8880", "reference_id": "RHSA-2022:8880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0128", "reference_id": "RHSA-2023:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0128" }, { "reference_url": "https://usn.ubuntu.com/5719-1/", "reference_id": "USN-5719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5719-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/85281?format=api", "purl": "pkg:ebuild/dev-java/openjdk@8.372_p07", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07" }, { "url": "http://public2.vulnerablecode.io/api/packages/85282?format=api", "purl": "pkg:ebuild/dev-java/openjdk@11.0.19_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7" }, { "url": "http://public2.vulnerablecode.io/api/packages/85283?format=api", "purl": "pkg:ebuild/dev-java/openjdk@17.0.7_p7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" } ], "aliases": [ "CVE-2022-21628" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-um54-6ggz-gqf9" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7" }