Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/933580?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "type": "deb", "namespace": "debian", "name": "openjdk-11", "version": "11.0.20+8-1~deb11u1", "qualifiers": { "distro": "sid" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "11.0.20+8-1", "latest_non_vulnerable_version": "11.0.31~10ea-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78480?format=api", "vulnerability_id": "VCID-8wud-7t2q-xfa3", "summary": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23693", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23735", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25179", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25193", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.2515", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25098", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25108", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25064", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25134", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802", "reference_id": "2187802", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933581?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21968" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8wud-7t2q-xfa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78477?format=api", "vulnerability_id": "VCID-9uzg-sja9-hkcy", "summary": "OpenJDK: Swing HTML parsing issue (8296832)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83001", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83087", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83014", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83044", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83059", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83053", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83048", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724", "reference_id": "2187724", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933581?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21939" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9uzg-sja9-hkcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31962?format=api", "vulnerability_id": "VCID-a59u-h67v-yygm", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22241", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22289", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22073", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22154", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22208", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22229", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22188", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22128", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22127", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223207", "reference_id": "2223207", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223207" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933582?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22041" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a59u-h67v-yygm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78479?format=api", "vulnerability_id": "VCID-dwh6-xw5k-mqg8", "summary": "OpenJDK: missing string checks for NULL characters (8296622)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25149", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25005", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25188", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.2496", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25029", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25073", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25087", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25047", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24993", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790", "reference_id": "2187790", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933581?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21937" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dwh6-xw5k-mqg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31965?format=api", "vulnerability_id": "VCID-dyg2-udwy-cud7", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.3604", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36098", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36104", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36066", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.3603", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.3608", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42145", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42172", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221645", "reference_id": "2221645", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221645" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4166", "reference_id": "RHSA-2023:4166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4167", "reference_id": "RHSA-2023:4167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4168", "reference_id": "RHSA-2023:4168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4172", "reference_id": "RHSA-2023:4172", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4172" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4173", "reference_id": "RHSA-2023:4173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4174", "reference_id": "RHSA-2023:4174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4176", "reference_id": "RHSA-2023:4176", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4178", "reference_id": "RHSA-2023:4178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4209", "reference_id": "RHSA-2023:4209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4212", "reference_id": "RHSA-2023:4212", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4212" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933582?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22045" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dyg2-udwy-cud7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78475?format=api", "vulnerability_id": "VCID-fhj9-p1gx-c7hp", "summary": "OpenJDK: incorrect enqueue of references in garbage collector (8298191)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15081", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15357", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15161", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15249", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1527", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15232", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15167", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187441", "reference_id": "2187441", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187441" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933581?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21954" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fhj9-p1gx-c7hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31966?format=api", "vulnerability_id": "VCID-gjgy-dfq7-zfb2", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20277", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20392", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20347", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20289", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20223", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20303", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20363", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24864", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24903", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221647", "reference_id": "2221647", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221647" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4166", "reference_id": "RHSA-2023:4166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4167", "reference_id": "RHSA-2023:4167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4168", "reference_id": "RHSA-2023:4168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4172", "reference_id": "RHSA-2023:4172", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4172" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4173", "reference_id": "RHSA-2023:4173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4174", "reference_id": "RHSA-2023:4174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4176", "reference_id": "RHSA-2023:4176", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4178", "reference_id": "RHSA-2023:4178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4209", "reference_id": "RHSA-2023:4209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4212", "reference_id": "RHSA-2023:4212", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4212" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4876", "reference_id": "RHSA-2023:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4877", "reference_id": "RHSA-2023:4877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4877" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933582?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22049" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gjgy-dfq7-zfb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31960?format=api", "vulnerability_id": "VCID-jw6x-cntu-nfht", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.27022", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26812", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26881", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26928", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26932", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26888", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26831", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26838", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221634", "reference_id": "2221634", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221634" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933582?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22036" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jw6x-cntu-nfht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78474?format=api", "vulnerability_id": "VCID-kq78-adbv-67a7", "summary": "OpenJDK: improper connection handling during TLS handshake (8294474)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36258", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36276", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36239", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36214", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36941", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36908", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36839", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36824", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36774", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435", "reference_id": "2187435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933581?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21930" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kq78-adbv-67a7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78478?format=api", "vulnerability_id": "VCID-q5gr-6u92-6ybk", "summary": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25149", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25005", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25188", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.2496", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25029", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25073", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25087", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25047", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24993", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758", "reference_id": "2187758", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933581?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21938" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q5gr-6u92-6ybk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31957?format=api", "vulnerability_id": "VCID-x4ms-sbj7-aufu", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35272", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.353", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35226", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35251", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35255", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.3522", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35196", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35235", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221626", "reference_id": "2221626", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221626" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933582?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22006" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x4ms-sbj7-aufu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78476?format=api", "vulnerability_id": "VCID-xk2v-7cgk-13ex", "summary": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2175", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21605", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21805", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21556", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21633", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21691", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21702", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21664", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21607", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704", "reference_id": "2187704", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933581?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933580?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933555?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933557?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062445?format=api", "purl": "pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21967" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xk2v-7cgk-13ex" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid" }