Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/933559?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/933559?format=api", "purl": "pkg:deb/debian/openjdk-11@0?distro=sid", "type": "deb", "namespace": "debian", "name": "openjdk-11", "version": "0", "qualifiers": { "distro": "sid" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "11.0.1+13-1", "latest_non_vulnerable_version": "11.0.31~10ea-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81946?format=api", "vulnerability_id": "VCID-4fz7-854p-3qa5", "summary": "OpenJDK: FilePermission checks not preformed correctly on Windows (Libraries, 8213429)", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:00Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:00Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:00Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2933.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2933.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-2933", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.6631", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.6624", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66284", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66298", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66318", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66305", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66273", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66308", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66324", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.662", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66267", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66237", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-2933" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10315", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:00Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10315" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:00Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191017-0001/", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:00Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20191017-0001/" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:00Z/" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777981", "reference_id": "1777981", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777981" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_5:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_5:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_5:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_6:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_6:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_6:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:epolicy_orchestrator:5.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:11.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:13.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:13.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:13.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update231:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update231:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update231:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update221:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.8.0:update221:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update221:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:11.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:13.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:13.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:13.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update231:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update231:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update231:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update221:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.8.0:update221:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update221:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2933", "reference_id": "CVE-2019-2933", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2933" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933559?format=api", "purl": "pkg:deb/debian/openjdk-11@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067591?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid" } ], "aliases": [ "CVE-2019-2933" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4fz7-854p-3qa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34337?format=api", "vulnerability_id": "VCID-7jyy-8x35-wbba", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2432.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2432.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2432", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.4612", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.4616", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46184", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.4618", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46128", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46183", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46206", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46178", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46187", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.46243", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00233", "scoring_system": "epss", "scoring_elements": "0.4624", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2432" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994980", "reference_id": "1994980", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1994980" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:15:34Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210723-0002/", "reference_id": "ntap-20210723-0002", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:15:34Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210723-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3293", "reference_id": "RHSA-2021:3293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3293" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933559?format=api", "purl": "pkg:deb/debian/openjdk-11@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067591?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid" } ], "aliases": [ "CVE-2021-2432" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7jyy-8x35-wbba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34352?format=api", "vulnerability_id": "VCID-arwd-bvw4-gya1", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21271", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69176", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.6912", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69101", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69151", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69171", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69192", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69177", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69148", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69188", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69196", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00589", "scoring_system": "epss", "scoring_elements": "0.69098", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21271" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:28Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:28Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933559?format=api", "purl": "pkg:deb/debian/openjdk-11@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067591?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21271" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-arwd-bvw4-gya1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34330?format=api", "vulnerability_id": "VCID-bqav-d2f9-x7d1", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2161.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2161.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2161", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80398", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80484", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80481", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.8048", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80404", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80452", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80458", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80473", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80454", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80444", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80425", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80414", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2161" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951231", "reference_id": "1951231", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951231" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/", "reference_id": "5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/" }, { "reference_url": "https://docs.azul.com/core/zulu-openjdk/release-notes/april-2021.html#fixed-common-vulnerabilities-and-exposures", "reference_id": "april-2021.html#fixed-common-vulnerabilities-and-exposures", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://docs.azul.com/core/zulu-openjdk/release-notes/april-2021.html#fixed-common-vulnerabilities-and-exposures" }, { "reference_url": "https://security.archlinux.org/AVG-1865", "reference_id": "AVG-1865", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1865" }, { "reference_url": "https://security.archlinux.org/AVG-1866", "reference_id": "AVG-1866", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1866" }, { "reference_url": "https://security.archlinux.org/AVG-1867", "reference_id": "AVG-1867", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1867" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/", "reference_id": "CFXOKM2233JVGYDOWW77BN54X3GZTIBK", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/", "reference_id": "CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4899", "reference_id": "dsa-4899", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4899" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/", "reference_id": "MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/", "reference_id": "MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210513-0001/", "reference_id": "ntap-20210513-0001", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210513-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1445", "reference_id": "RHSA-2021:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1447", "reference_id": "RHSA-2021:1447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1447" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/", "reference_id": "UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933559?format=api", "purl": "pkg:deb/debian/openjdk-11@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067591?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid" } ], "aliases": [ "CVE-2021-2161" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bqav-d2f9-x7d1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43659?format=api", "vulnerability_id": "VCID-nnks-uqvq-dubg", "summary": "Multiple vulnerabilities have been found in Oracle’s JDK and JRE\n software suites.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:02:59Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:02:59Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2426.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2426.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-2426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67145", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.6708", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.6713", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67142", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67161", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67147", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67116", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.6715", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67164", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67082", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67045", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00527", "scoring_system": "epss", "scoring_elements": "0.67106", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-2426" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190118-0001/", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:02:59Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20190118-0001/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03958en_us", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:02:59Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03958en_us" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:02:59Z/" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" }, { "reference_url": "http://www.securityfocus.com/bid/106590", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:02:59Z/" } ], "url": "http://www.securityfocus.com/bid/106590" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665953", "reference_id": "1665953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665953" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*", "reference_id": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vmware_vsphere:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vmware_vsphere:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vmware_vsphere:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_workflow_automation:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*", "reference_id": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*", "reference_id": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:11.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update201:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update201:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update201:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update191:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.8.0:update191:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update191:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update192:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.8.0:update192:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update192:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:11.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update201:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update201:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update201:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update191:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.8.0:update191:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update191:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update192:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.8.0:update192:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update192:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2426", "reference_id": "CVE-2019-2426", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2426" }, { "reference_url": "https://security.gentoo.org/glsa/201903-14", "reference_id": "GLSA-201903-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:02:59Z/" } ], "url": "https://security.gentoo.org/glsa/201903-14" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933559?format=api", "purl": "pkg:deb/debian/openjdk-11@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067591?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid" } ], "aliases": [ "CVE-2019-2426" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nnks-uqvq-dubg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81945?format=api", "vulnerability_id": "VCID-qc7k-5py9-y7ab", "summary": "OpenJDK: Incorrect escaping of command line arguments in ProcessImpl on Windows (Libraries, 8221858)", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:14:26Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00064.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:14:26Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00066.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:14:26Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00031.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2958.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2958.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-2958", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.78791", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.78718", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.78726", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.78765", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.78772", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.78796", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.78778", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.7877", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.78798", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.78757", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01183", "scoring_system": "epss", "scoring_elements": "0.78739", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-2958" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:14:26Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00005.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191017-0001/", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:14:26Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20191017-0001/" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:14:26Z/" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777929", "reference_id": "1777929", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777929" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*", "reference_id": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*", "reference_id": "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:11.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:13.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:13.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:13.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update231:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.7.0:update231:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update231:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update221:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jdk:1.8.0:update221:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update221:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:11.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:13.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:13.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:13.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update231:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.7.0:update231:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update231:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update221:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:jre:1.8.0:update221:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update221:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2958", "reference_id": "CVE-2019-2958", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-2958" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933559?format=api", "purl": "pkg:deb/debian/openjdk-11@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067591?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid" } ], "aliases": [ "CVE-2019-2958" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qc7k-5py9-y7ab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82364?format=api", "vulnerability_id": "VCID-xx59-6jd1-wbdr", "summary": "OpenJDK: Insufficient permission checks for file:// URLs on Windows (Networking, 8213431)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2766.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2766.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-2766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.77172", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01014", "scoring_system": "epss", "scoring_elements": "0.77182", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01179", "scoring_system": "epss", "scoring_elements": "0.7874", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01179", "scoring_system": "epss", "scoring_elements": "0.78769", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01649", "scoring_system": "epss", "scoring_elements": "0.81945", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01649", "scoring_system": "epss", "scoring_elements": "0.81998", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01649", "scoring_system": "epss", "scoring_elements": "0.82018", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01649", "scoring_system": "epss", "scoring_elements": "0.82006", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01649", "scoring_system": "epss", "scoring_elements": "0.81934", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01649", "scoring_system": "epss", "scoring_elements": "0.81968", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01649", "scoring_system": "epss", "scoring_elements": "0.81964", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01649", "scoring_system": "epss", "scoring_elements": "0.81991", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-2766" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730459", "reference_id": "1730459", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730459" }, { "reference_url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "reference_id": "cpujul2019-5072835.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:18:00Z/" } ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "reference_url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10300", "reference_id": "index?page=content&id=SB10300", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:18:00Z/" } ], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10300" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933559?format=api", "purl": "pkg:deb/debian/openjdk-11@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067591?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid" } ], "aliases": [ "CVE-2019-2766" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xx59-6jd1-wbdr" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@0%3Fdistro=sid" }