Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/933602?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "type": "deb", "namespace": "debian", "name": "openjdk-17", "version": "17.0.17+10-1~deb12u1", "qualifiers": { "distro": "sid" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "17.0.17+10-1", "latest_non_vulnerable_version": "17.0.19~9ea-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70352?format=api", "vulnerability_id": "VCID-11vj-5zz4-6fe7", "summary": "openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30698", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69565", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69661", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.6965", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69635", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69621", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69581", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.6956", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69611", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69627", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30698" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897", "reference_id": "1103897", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898", "reference_id": "1103898", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899", "reference_id": "1103899", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900", "reference_id": "1103900", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359693", "reference_id": "2359693", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359693" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2025.html", "reference_id": "cpuapr2025.html", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:13:36Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3844", "reference_id": "RHSA-2025:3844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3845", "reference_id": "RHSA-2025:3845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3846", "reference_id": "RHSA-2025:3846", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3846" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3847", "reference_id": "RHSA-2025:3847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3848", "reference_id": "RHSA-2025:3848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3849", "reference_id": "RHSA-2025:3849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3850", "reference_id": "RHSA-2025:3850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3852", "reference_id": "RHSA-2025:3852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3853", "reference_id": "RHSA-2025:3853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3854", "reference_id": "RHSA-2025:3854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3855", "reference_id": "RHSA-2025:3855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3856", "reference_id": "RHSA-2025:3856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3857", "reference_id": "RHSA-2025:3857", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3857" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7508", "reference_id": "RHSA-2025:7508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8063", "reference_id": "RHSA-2025:8063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8431", "reference_id": "RHSA-2025:8431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8431" }, { "reference_url": "https://usn.ubuntu.com/7480-1/", "reference_id": "USN-7480-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7480-1/" }, { "reference_url": "https://usn.ubuntu.com/7481-1/", "reference_id": "USN-7481-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7481-1/" }, { "reference_url": "https://usn.ubuntu.com/7482-1/", "reference_id": "USN-7482-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7482-1/" }, { "reference_url": "https://usn.ubuntu.com/7483-1/", "reference_id": "USN-7483-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7483-1/" }, { "reference_url": "https://usn.ubuntu.com/7484-1/", "reference_id": "USN-7484-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7484-1/" }, { "reference_url": "https://usn.ubuntu.com/7531-1/", "reference_id": "USN-7531-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7531-1/" }, { "reference_url": "https://usn.ubuntu.com/7533-1/", "reference_id": "USN-7533-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7533-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933641?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933640?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933642?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.15%2B6-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-30698" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-11vj-5zz4-6fe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66833?format=api", "vulnerability_id": "VCID-13t7-vubq-8kae", "summary": "openjdk: Enhance certificate handling (Oracle CPU 2025-10)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53057", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22702", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22602", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22683", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22642", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22587", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22747", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22535", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22612", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22666", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53057" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944", "reference_id": "1118944", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403082", "reference_id": "2403082", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403082" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2025.html", "reference_id": "cpuoct2025.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T14:46:38Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18814", "reference_id": "RHSA-2025:18814", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18814" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18815", "reference_id": "RHSA-2025:18815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18816", "reference_id": "RHSA-2025:18816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18817", "reference_id": "RHSA-2025:18817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18818", "reference_id": "RHSA-2025:18818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18819", "reference_id": "RHSA-2025:18819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18820", "reference_id": "RHSA-2025:18820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18821", "reference_id": "RHSA-2025:18821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18822", "reference_id": "RHSA-2025:18822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18823", "reference_id": "RHSA-2025:18823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18824", "reference_id": "RHSA-2025:18824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18825", "reference_id": "RHSA-2025:18825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18826", "reference_id": "RHSA-2025:18826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21485", "reference_id": "RHSA-2025:21485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22370", "reference_id": "RHSA-2025:22370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22672", "reference_id": "RHSA-2025:22672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22672" }, { "reference_url": "https://usn.ubuntu.com/7881-1/", "reference_id": "USN-7881-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7881-1/" }, { "reference_url": "https://usn.ubuntu.com/7882-1/", "reference_id": "USN-7882-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7882-1/" }, { "reference_url": "https://usn.ubuntu.com/7883-1/", "reference_id": "USN-7883-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7883-1/" }, { "reference_url": "https://usn.ubuntu.com/7884-1/", "reference_id": "USN-7884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7884-1/" }, { "reference_url": "https://usn.ubuntu.com/7885-1/", "reference_id": "USN-7885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7885-1/" }, { "reference_url": "https://usn.ubuntu.com/7900-1/", "reference_id": "USN-7900-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7900-1/" }, { "reference_url": "https://usn.ubuntu.com/7901-1/", "reference_id": "USN-7901-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7901-1/" }, { "reference_url": "https://usn.ubuntu.com/7902-1/", "reference_id": "USN-7902-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7902-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933646?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933647?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-53057" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-13t7-vubq-8kae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31964?format=api", "vulnerability_id": "VCID-1buj-5nv9-bbcd", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22044.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22044.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22044", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34387", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34329", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34415", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34282", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34325", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34355", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34357", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34317", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34294", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22044" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22044", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22044" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221642", "reference_id": "2221642", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221642" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2023.html", "reference_id": "cpujul2023.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2023.html" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5458", "reference_id": "dsa-5458", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5458" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230725-0006/", "reference_id": "ntap-20230725-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230725-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933621?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933622?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22044" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1buj-5nv9-bbcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79485?format=api", "vulnerability_id": "VCID-1d6t-ndfc-m7hg", "summary": "OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21443.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.1802", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18274", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18326", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18029", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18111", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18168", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18174", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18126", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18078", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075793", "reference_id": "2075793", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075793" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4959", "reference_id": "RHSA-2022:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5837", "reference_id": "RHSA-2022:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5837" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933612?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933611?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21443" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1d6t-ndfc-m7hg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76844?format=api", "vulnerability_id": "VCID-2tju-1r8k-sbf9", "summary": "OpenJDK: C2 compilation fails with \"Exceeded _node_regs array\" (8317507)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21094.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21094.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21094", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61798", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.6173", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61701", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.6175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61766", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61787", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61775", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61756", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.617", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678", "reference_id": "1069678", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275005", "reference_id": "2275005", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275005" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2024.html", "reference_id": "cpuapr2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0004/", "reference_id": "ntap-20240426-0004", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1815", "reference_id": "RHSA-2024:1815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1816", "reference_id": "RHSA-2024:1816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1817", "reference_id": "RHSA-2024:1817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1818", "reference_id": "RHSA-2024:1818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1819", "reference_id": "RHSA-2024:1819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1820", "reference_id": "RHSA-2024:1820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1821", "reference_id": "RHSA-2024:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1822", "reference_id": "RHSA-2024:1822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1823", "reference_id": "RHSA-2024:1823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1824", "reference_id": "RHSA-2024:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1825", "reference_id": "RHSA-2024:1825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1826", "reference_id": "RHSA-2024:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1828", "reference_id": "RHSA-2024:1828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1828" }, { "reference_url": "https://usn.ubuntu.com/6810-1/", "reference_id": "USN-6810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6810-1/" }, { "reference_url": "https://usn.ubuntu.com/6811-1/", "reference_id": "USN-6811-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6811-1/" }, { "reference_url": "https://usn.ubuntu.com/6812-1/", "reference_id": "USN-6812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6812-1/" }, { "reference_url": "https://usn.ubuntu.com/6813-1/", "reference_id": "USN-6813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6813-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933630?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933629?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933631?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21094" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2tju-1r8k-sbf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34358?format=api", "vulnerability_id": "VCID-3aae-859j-1bg9", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21293.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21293.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26644", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26688", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26473", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26541", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2659", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26596", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26551", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.265", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041417", "reference_id": "2041417", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041417" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21293" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3aae-859j-1bg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34372?format=api", "vulnerability_id": "VCID-3hj5-z3ck-tkha", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21365.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21365.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29664", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29741", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29633", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29614", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29788", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29669", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29709", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041785", "reference_id": "2041785", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041785" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21365" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3hj5-z3ck-tkha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34432?format=api", "vulnerability_id": "VCID-3tav-ffar-hfhb", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30703", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30591", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30653", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30658", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30613", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30566", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.3075", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30561", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160475", "reference_id": "2160475", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160475" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0190", "reference_id": "RHSA-2023:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0191", "reference_id": "RHSA-2023:0191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0191" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0192", "reference_id": "RHSA-2023:0192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0193", "reference_id": "RHSA-2023:0193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0194", "reference_id": "RHSA-2023:0194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0195", "reference_id": "RHSA-2023:0195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0196", "reference_id": "RHSA-2023:0196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0197", "reference_id": "RHSA-2023:0197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0198", "reference_id": "RHSA-2023:0198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0199", "reference_id": "RHSA-2023:0199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0200", "reference_id": "RHSA-2023:0200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0201", "reference_id": "RHSA-2023:0201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0202", "reference_id": "RHSA-2023:0202", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0203", "reference_id": "RHSA-2023:0203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0204", "reference_id": "RHSA-2023:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0205", "reference_id": "RHSA-2023:0205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0206", "reference_id": "RHSA-2023:0206", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0207", "reference_id": "RHSA-2023:0207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0208", "reference_id": "RHSA-2023:0208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0209", "reference_id": "RHSA-2023:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0210", "reference_id": "RHSA-2023:0210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0352", "reference_id": "RHSA-2023:0352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0353", "reference_id": "RHSA-2023:0353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0354", "reference_id": "RHSA-2023:0354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0387", "reference_id": "RHSA-2023:0387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0387" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0388", "reference_id": "RHSA-2023:0388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0389", "reference_id": "RHSA-2023:0389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3136", "reference_id": "RHSA-2023:3136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3136" }, { "reference_url": "https://usn.ubuntu.com/5897-1/", "reference_id": "USN-5897-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5897-1/" }, { "reference_url": "https://usn.ubuntu.com/5898-1/", "reference_id": "USN-5898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5898-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933616?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933617?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.6%2B10-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21843" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3tav-ffar-hfhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60302?format=api", "vulnerability_id": "VCID-44t4-tppq-ybb3", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21549.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21549.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45479", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45501", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45446", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.455", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45521", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45491", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45496", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45544", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108547", "reference_id": "2108547", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5726", "reference_id": "RHSA-2022:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5736", "reference_id": "RHSA-2022:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5757", "reference_id": "RHSA-2022:5757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5758", "reference_id": "RHSA-2022:5758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5758" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933614?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.4%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933613?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.4%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21549" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44t4-tppq-ybb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60300?format=api", "vulnerability_id": "VCID-47ae-xdqr-6qgb", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.6268", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62713", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62677", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62728", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62745", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62763", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62752", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.62769", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108540", "reference_id": "2108540", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5681", "reference_id": "RHSA-2022:5681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5683", "reference_id": "RHSA-2022:5683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5684", "reference_id": "RHSA-2022:5684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5685", "reference_id": "RHSA-2022:5685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5687", "reference_id": "RHSA-2022:5687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5695", "reference_id": "RHSA-2022:5695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5696", "reference_id": "RHSA-2022:5696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5697", "reference_id": "RHSA-2022:5697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5698", "reference_id": "RHSA-2022:5698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5700", "reference_id": "RHSA-2022:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5701", "reference_id": "RHSA-2022:5701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5709", "reference_id": "RHSA-2022:5709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5726", "reference_id": "RHSA-2022:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5736", "reference_id": "RHSA-2022:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5753", "reference_id": "RHSA-2022:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5754", "reference_id": "RHSA-2022:5754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5755", "reference_id": "RHSA-2022:5755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5756", "reference_id": "RHSA-2022:5756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5757", "reference_id": "RHSA-2022:5757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5758", "reference_id": "RHSA-2022:5758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5758" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933614?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.4%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933613?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.4%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21540" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-47ae-xdqr-6qgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64943?format=api", "vulnerability_id": "VCID-4snj-etwf-eqe8", "summary": "openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21933", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09035", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.08972", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09122", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09091", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09077", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09086", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0901", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0909", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09121", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119", "reference_id": "1126119", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429926", "reference_id": "2429926", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429926" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2026.html", "reference_id": "cpujan2026.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:56:13Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2026.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0847", "reference_id": "RHSA-2026:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0848", "reference_id": "RHSA-2026:0848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0849", "reference_id": "RHSA-2026:0849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0895", "reference_id": "RHSA-2026:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0896", "reference_id": "RHSA-2026:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0897", "reference_id": "RHSA-2026:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0898", "reference_id": "RHSA-2026:0898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0899", "reference_id": "RHSA-2026:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0900", "reference_id": "RHSA-2026:0900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0901", "reference_id": "RHSA-2026:0901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0927", "reference_id": "RHSA-2026:0927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0928", "reference_id": "RHSA-2026:0928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0931", "reference_id": "RHSA-2026:0931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0932", "reference_id": "RHSA-2026:0932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0933", "reference_id": "RHSA-2026:0933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1606", "reference_id": "RHSA-2026:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4832", "reference_id": "RHSA-2026:4832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4832" }, { "reference_url": "https://usn.ubuntu.com/7995-1/", "reference_id": "USN-7995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7995-1/" }, { "reference_url": "https://usn.ubuntu.com/7996-1/", "reference_id": "USN-7996-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7996-1/" }, { "reference_url": "https://usn.ubuntu.com/7997-1/", "reference_id": "USN-7997-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7997-1/" }, { "reference_url": "https://usn.ubuntu.com/7998-1/", "reference_id": "USN-7998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7998-1/" }, { "reference_url": "https://usn.ubuntu.com/8000-1/", "reference_id": "USN-8000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8000-1/" }, { "reference_url": "https://usn.ubuntu.com/8001-1/", "reference_id": "USN-8001-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8001-1/" }, { "reference_url": "https://usn.ubuntu.com/8002-1/", "reference_id": "USN-8002-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8002-1/" }, { "reference_url": "https://usn.ubuntu.com/8003-1/", "reference_id": "USN-8003-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8003-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933649?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933648?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933650?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2026-21933" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4snj-etwf-eqe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34370?format=api", "vulnerability_id": "VCID-4thy-7844-xuc9", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21360.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21360.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29741", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29788", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29669", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29664", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29614", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29633", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041491", "reference_id": "2041491", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041491" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21360" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4thy-7844-xuc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74702?format=api", "vulnerability_id": "VCID-5et1-ytak-xqh7", "summary": "OpenJDK: Excessive symbol length can lead to infinite loop (8319859)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56203", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56195", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56201", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.5621", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56186", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.5617", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56144", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56165", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297962", "reference_id": "2297962", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297962" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2024.html", "reference_id": "cpujul2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:32:40Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2024.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240719-0008/", "reference_id": "ntap-20240719-0008", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:32:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240719-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4560", "reference_id": "RHSA-2024:4560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4561", "reference_id": "RHSA-2024:4561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4562", "reference_id": "RHSA-2024:4562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4563", "reference_id": "RHSA-2024:4563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4564", "reference_id": "RHSA-2024:4564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4565", "reference_id": "RHSA-2024:4565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4566", "reference_id": "RHSA-2024:4566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4567", "reference_id": "RHSA-2024:4567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4568", "reference_id": "RHSA-2024:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4569", "reference_id": "RHSA-2024:4569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4570", "reference_id": "RHSA-2024:4570", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4571", "reference_id": "RHSA-2024:4571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4572", "reference_id": "RHSA-2024:4572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4573", "reference_id": "RHSA-2024:4573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4573" }, { "reference_url": "https://usn.ubuntu.com/6929-1/", "reference_id": "USN-6929-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6929-1/" }, { "reference_url": "https://usn.ubuntu.com/6930-1/", "reference_id": "USN-6930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6930-1/" }, { "reference_url": "https://usn.ubuntu.com/6931-1/", "reference_id": "USN-6931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6931-1/" }, { "reference_url": "https://usn.ubuntu.com/6932-1/", "reference_id": "USN-6932-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6932-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933633?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933632?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21138" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5et1-ytak-xqh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34360?format=api", "vulnerability_id": "VCID-5xg6-kds9-g3hf", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21294.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21294.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29741", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29788", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29669", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29664", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29614", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29633", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041427", "reference_id": "2041427", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041427" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21294" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5xg6-kds9-g3hf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31982?format=api", "vulnerability_id": "VCID-6196-gvhx-ruh8", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21235", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38305", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38417", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38441", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38355", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38363", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.3838", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44158", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44159", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.4422", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21235" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318534", "reference_id": "2318534", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318534" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933635?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933636?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933634?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-2~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-2~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21235" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6196-gvhx-ruh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34340?format=api", "vulnerability_id": "VCID-6wtu-f43b-1ue9", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35559.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35559.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30596", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30602", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30732", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30627", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30781", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30654", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30687", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30692", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30647", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014518", "reference_id": "2014518", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014518" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/", "reference_id": "7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/", "reference_id": "DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5030", "reference_id": "RHSA-2021:5030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0310", "reference_id": "RHSA-2022:0310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0345", "reference_id": "RHSA-2022:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0345" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/", "reference_id": "V362B2BWTH5IJDL45QPQGMBKIQOG7JX5", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933607?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933608?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-35559" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wtu-f43b-1ue9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34348?format=api", "vulnerability_id": "VCID-6zn4-b8k4-3bcn", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35586.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35586.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37711", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37796", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37892", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37812", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37837", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37874", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37859", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37846", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37917", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015308", "reference_id": "2015308", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015308" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5030", "reference_id": "RHSA-2021:5030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0310", "reference_id": "RHSA-2022:0310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0345", "reference_id": "RHSA-2022:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0345" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933607?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933608?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-35586" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6zn4-b8k4-3bcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74699?format=api", "vulnerability_id": "VCID-76rb-sg3r-bqce", "summary": "OpenJDK: potential UTF8 size overflow (8314794)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63286", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63252", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63303", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63321", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63338", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63322", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63258", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63287", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297961", "reference_id": "2297961", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297961" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2024.html", "reference_id": "cpujul2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2024.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240719-0008/", "reference_id": "ntap-20240719-0008", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:16Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240719-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4560", "reference_id": "RHSA-2024:4560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4561", "reference_id": "RHSA-2024:4561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4562", "reference_id": "RHSA-2024:4562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4563", "reference_id": "RHSA-2024:4563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4564", "reference_id": "RHSA-2024:4564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4565", "reference_id": "RHSA-2024:4565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4566", "reference_id": "RHSA-2024:4566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4567", "reference_id": "RHSA-2024:4567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4568", "reference_id": "RHSA-2024:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4569", "reference_id": "RHSA-2024:4569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4570", "reference_id": "RHSA-2024:4570", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4571", "reference_id": "RHSA-2024:4571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4572", "reference_id": "RHSA-2024:4572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4573", "reference_id": "RHSA-2024:4573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4573" }, { "reference_url": "https://usn.ubuntu.com/6929-1/", "reference_id": "USN-6929-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6929-1/" }, { "reference_url": "https://usn.ubuntu.com/6930-1/", "reference_id": "USN-6930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6930-1/" }, { "reference_url": "https://usn.ubuntu.com/6931-1/", "reference_id": "USN-6931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6931-1/" }, { "reference_url": "https://usn.ubuntu.com/6932-1/", "reference_id": "USN-6932-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6932-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933633?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933632?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21131" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-76rb-sg3r-bqce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31977?format=api", "vulnerability_id": "VCID-8cup-qnc8-wudx", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55503", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55441", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55465", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55444", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55495", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55505", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55483", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55466", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257837", "reference_id": "2257837", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257837" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0002/", "reference_id": "ntap-20240201-0002", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933627?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933626?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933628?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-20952" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8cup-qnc8-wudx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78480?format=api", "vulnerability_id": "VCID-8wud-7t2q-xfa3", "summary": "OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23693", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23735", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25179", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25193", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.2515", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25098", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25108", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25064", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25134", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802", "reference_id": "2187802", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933619?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933618?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933620?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21968" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8wud-7t2q-xfa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34346?format=api", "vulnerability_id": "VCID-97bv-kegv-uyd9", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35567.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35567.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44539", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44673", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44617", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44638", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44576", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44628", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.4463", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44647", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0022", "scoring_system": "epss", "scoring_elements": "0.44618", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015658", "reference_id": "2015658", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015658" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933607?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933608?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-35567" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-97bv-kegv-uyd9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34368?format=api", "vulnerability_id": "VCID-98bc-5jrc-5kas", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21341.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21341.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29741", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29788", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29669", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29664", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29614", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29633", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041897", "reference_id": "2041897", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041897" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21341" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-98bc-5jrc-5kas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31980?format=api", "vulnerability_id": "VCID-9n5v-4daz-eyc2", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26618", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26713", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26668", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26611", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26767", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26807", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26591", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26658", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26708", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318530", "reference_id": "2318530", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318530" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933635?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933636?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933634?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-2~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-2~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21217" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9n5v-4daz-eyc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76841?format=api", "vulnerability_id": "VCID-9urr-3gt2-mfhe", "summary": "OpenJDK: long Exception message leading to crash (8319851)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21011.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21011.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21011", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56731", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.5668", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56701", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56732", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56736", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56745", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56721", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.567", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678", "reference_id": "1069678", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274977", "reference_id": "2274977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274977" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2024.html", "reference_id": "cpuapr2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0004/", "reference_id": "ntap-20240426-0004", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1815", "reference_id": "RHSA-2024:1815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1816", "reference_id": "RHSA-2024:1816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1817", "reference_id": "RHSA-2024:1817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1818", "reference_id": "RHSA-2024:1818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1819", "reference_id": "RHSA-2024:1819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1820", "reference_id": "RHSA-2024:1820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1821", "reference_id": "RHSA-2024:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1822", "reference_id": "RHSA-2024:1822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1823", "reference_id": "RHSA-2024:1823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1824", "reference_id": "RHSA-2024:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1825", "reference_id": "RHSA-2024:1825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1826", "reference_id": "RHSA-2024:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1827", "reference_id": "RHSA-2024:1827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1828", "reference_id": "RHSA-2024:1828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1828" }, { "reference_url": "https://usn.ubuntu.com/6810-1/", "reference_id": "USN-6810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6810-1/" }, { "reference_url": "https://usn.ubuntu.com/6811-1/", "reference_id": "USN-6811-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6811-1/" }, { "reference_url": "https://usn.ubuntu.com/6812-1/", "reference_id": "USN-6812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6812-1/" }, { "reference_url": "https://usn.ubuntu.com/6813-1/", "reference_id": "USN-6813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6813-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933630?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933629?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933631?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21011" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9urr-3gt2-mfhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78477?format=api", "vulnerability_id": "VCID-9uzg-sja9-hkcy", "summary": "OpenJDK: Swing HTML parsing issue (8296832)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83001", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83087", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83014", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83044", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83059", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83053", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01861", "scoring_system": "epss", "scoring_elements": "0.83048", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724", "reference_id": "2187724", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933619?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933618?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933620?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21939" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9uzg-sja9-hkcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31968?format=api", "vulnerability_id": "VCID-a282-ksr4-j3cu", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22081", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26849", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26634", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26702", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26753", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26756", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26655", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26664", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627", "reference_id": "2243627", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5725", "reference_id": "RHSA-2023:5725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5726", "reference_id": "RHSA-2023:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5727", "reference_id": "RHSA-2023:5727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5728", "reference_id": "RHSA-2023:5728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5729", "reference_id": "RHSA-2023:5729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5730", "reference_id": "RHSA-2023:5730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5731", "reference_id": "RHSA-2023:5731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5732", "reference_id": "RHSA-2023:5732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5733", "reference_id": "RHSA-2023:5733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5734", "reference_id": "RHSA-2023:5734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5735", "reference_id": "RHSA-2023:5735", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5735" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5736", "reference_id": "RHSA-2023:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5737", "reference_id": "RHSA-2023:5737", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5737" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5739", "reference_id": "RHSA-2023:5739", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5740", "reference_id": "RHSA-2023:5740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5741", "reference_id": "RHSA-2023:5741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5742", "reference_id": "RHSA-2023:5742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5743", "reference_id": "RHSA-2023:5743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5744", "reference_id": "RHSA-2023:5744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5745", "reference_id": "RHSA-2023:5745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5746", "reference_id": "RHSA-2023:5746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5747", "reference_id": "RHSA-2023:5747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5750", "reference_id": "RHSA-2023:5750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5751", "reference_id": "RHSA-2023:5751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5752", "reference_id": "RHSA-2023:5752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5753", "reference_id": "RHSA-2023:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5761", "reference_id": "RHSA-2023:5761", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5761" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6738", "reference_id": "RHSA-2023:6738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6887", "reference_id": "RHSA-2023:6887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0866", "reference_id": "RHSA-2024:0866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0879", "reference_id": "RHSA-2024:0879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0879" }, { "reference_url": "https://usn.ubuntu.com/6527-1/", "reference_id": "USN-6527-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6527-1/" }, { "reference_url": "https://usn.ubuntu.com/6528-1/", "reference_id": "USN-6528-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6528-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933624?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.9%2B9-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933623?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.9%2B9-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933625?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.9%2B9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22081" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a282-ksr4-j3cu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34431?format=api", "vulnerability_id": "VCID-a3xk-3wya-s3gm", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23206", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.2325", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23039", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23112", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23165", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23185", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23147", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23089", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23104", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160421", "reference_id": "2160421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160421" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0190", "reference_id": "RHSA-2023:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0191", "reference_id": "RHSA-2023:0191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0191" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0192", "reference_id": "RHSA-2023:0192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0193", "reference_id": "RHSA-2023:0193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0194", "reference_id": "RHSA-2023:0194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0195", "reference_id": "RHSA-2023:0195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0196", "reference_id": "RHSA-2023:0196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0197", "reference_id": "RHSA-2023:0197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0198", "reference_id": "RHSA-2023:0198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0199", "reference_id": "RHSA-2023:0199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0200", "reference_id": "RHSA-2023:0200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0201", "reference_id": "RHSA-2023:0201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0202", "reference_id": "RHSA-2023:0202", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0352", "reference_id": "RHSA-2023:0352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0353", "reference_id": "RHSA-2023:0353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0388", "reference_id": "RHSA-2023:0388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0389", "reference_id": "RHSA-2023:0389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0389" }, { "reference_url": "https://usn.ubuntu.com/5897-1/", "reference_id": "USN-5897-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5897-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933616?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933617?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.6%2B10-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21835" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a3xk-3wya-s3gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31962?format=api", "vulnerability_id": "VCID-a59u-h67v-yygm", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22241", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22289", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22073", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22154", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22208", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22229", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22188", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22128", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22127", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223207", "reference_id": "2223207", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223207" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933621?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933622?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22041" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a59u-h67v-yygm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79488?format=api", "vulnerability_id": "VCID-a95g-84vs-xbav", "summary": "OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21476.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21476.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40218", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40224", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40186", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40168", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40815", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40842", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40767", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40817", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0019", "scoring_system": "epss", "scoring_elements": "0.40824", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010597", "reference_id": "1010597", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010597" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075842", "reference_id": "2075842", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075842" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933612?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933611?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21476" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a95g-84vs-xbav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64944?format=api", "vulnerability_id": "VCID-apsn-z1br-3bdy", "summary": "openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16874", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16664", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16832", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16786", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16728", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1693", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16714", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16799", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16854", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119", "reference_id": "1126119", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429927", "reference_id": "2429927", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429927" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2026.html", "reference_id": "cpujan2026.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:04:39Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2026.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0847", "reference_id": "RHSA-2026:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0848", "reference_id": "RHSA-2026:0848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0849", "reference_id": "RHSA-2026:0849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0895", "reference_id": "RHSA-2026:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0896", "reference_id": "RHSA-2026:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0897", "reference_id": "RHSA-2026:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0898", "reference_id": "RHSA-2026:0898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0899", "reference_id": "RHSA-2026:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0900", "reference_id": "RHSA-2026:0900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0901", "reference_id": "RHSA-2026:0901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0927", "reference_id": "RHSA-2026:0927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0928", "reference_id": "RHSA-2026:0928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0931", "reference_id": "RHSA-2026:0931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0932", "reference_id": "RHSA-2026:0932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0933", "reference_id": "RHSA-2026:0933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1606", "reference_id": "RHSA-2026:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4832", "reference_id": "RHSA-2026:4832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4832" }, { "reference_url": "https://usn.ubuntu.com/7995-1/", "reference_id": "USN-7995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7995-1/" }, { "reference_url": "https://usn.ubuntu.com/7996-1/", "reference_id": "USN-7996-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7996-1/" }, { "reference_url": "https://usn.ubuntu.com/7997-1/", "reference_id": "USN-7997-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7997-1/" }, { "reference_url": "https://usn.ubuntu.com/7998-1/", "reference_id": "USN-7998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7998-1/" }, { "reference_url": "https://usn.ubuntu.com/8000-1/", "reference_id": "USN-8000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8000-1/" }, { "reference_url": "https://usn.ubuntu.com/8001-1/", "reference_id": "USN-8001-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8001-1/" }, { "reference_url": "https://usn.ubuntu.com/8002-1/", "reference_id": "USN-8002-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8002-1/" }, { "reference_url": "https://usn.ubuntu.com/8003-1/", "reference_id": "USN-8003-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8003-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933649?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933648?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933650?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2026-21945" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-apsn-z1br-3bdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68623?format=api", "vulnerability_id": "VCID-b32x-4pu4-jkh4", "summary": "openjdk: Better Glyph drawing (Oracle CPU 2025-07)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30749", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.6625", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66247", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66277", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66294", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66307", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71388", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71355", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71401", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71372", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376783", "reference_id": "2376783", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376783" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2025.html", "reference_id": "cpujul2025.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:23:21Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10861", "reference_id": "RHSA-2025:10861", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10862", "reference_id": "RHSA-2025:10862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10863", "reference_id": "RHSA-2025:10863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10864", "reference_id": "RHSA-2025:10864", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10864" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10865", "reference_id": "RHSA-2025:10865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10866", "reference_id": "RHSA-2025:10866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10867", "reference_id": "RHSA-2025:10867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10868", "reference_id": "RHSA-2025:10868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10869", "reference_id": "RHSA-2025:10869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10870", "reference_id": "RHSA-2025:10870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10873", "reference_id": "RHSA-2025:10873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10874", "reference_id": "RHSA-2025:10874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10875", "reference_id": "RHSA-2025:10875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13656", "reference_id": "RHSA-2025:13656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13675", "reference_id": "RHSA-2025:13675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13675" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7667-1/", "reference_id": "USN-7667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7667-1/" }, { "reference_url": "https://usn.ubuntu.com/7668-1/", "reference_id": "USN-7668-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7668-1/" }, { "reference_url": "https://usn.ubuntu.com/7669-1/", "reference_id": "USN-7669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7669-1/" }, { "reference_url": "https://usn.ubuntu.com/7672-1/", "reference_id": "USN-7672-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7672-1/" }, { "reference_url": "https://usn.ubuntu.com/7673-1/", "reference_id": "USN-7673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7673-1/" }, { "reference_url": "https://usn.ubuntu.com/7674-1/", "reference_id": "USN-7674-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7674-1/" }, { "reference_url": "https://usn.ubuntu.com/7690-1/", "reference_id": "USN-7690-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7690-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933644?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933643?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933645?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-30749" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b32x-4pu4-jkh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34330?format=api", "vulnerability_id": "VCID-bqav-d2f9-x7d1", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2161.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2161.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2161", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80398", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.8048", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80452", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80458", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80404", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80473", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80454", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80444", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80425", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01404", "scoring_system": "epss", "scoring_elements": "0.80414", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2161" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951231", "reference_id": "1951231", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951231" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/", "reference_id": "5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/" }, { "reference_url": "https://docs.azul.com/core/zulu-openjdk/release-notes/april-2021.html#fixed-common-vulnerabilities-and-exposures", "reference_id": "april-2021.html#fixed-common-vulnerabilities-and-exposures", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://docs.azul.com/core/zulu-openjdk/release-notes/april-2021.html#fixed-common-vulnerabilities-and-exposures" }, { "reference_url": "https://security.archlinux.org/AVG-1865", "reference_id": "AVG-1865", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1865" }, { "reference_url": "https://security.archlinux.org/AVG-1866", "reference_id": "AVG-1866", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1866" }, { "reference_url": "https://security.archlinux.org/AVG-1867", "reference_id": "AVG-1867", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1867" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/", "reference_id": "CFXOKM2233JVGYDOWW77BN54X3GZTIBK", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/", "reference_id": "CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4899", "reference_id": "dsa-4899", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4899" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/", "reference_id": "MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/", "reference_id": "MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210513-0001/", "reference_id": "ntap-20210513-0001", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210513-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1445", "reference_id": "RHSA-2021:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1447", "reference_id": "RHSA-2021:1447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1447" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/", "reference_id": "UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933603?format=api", "purl": "pkg:deb/debian/openjdk-17@0?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@0%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-2161" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bqav-d2f9-x7d1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31975?format=api", "vulnerability_id": "VCID-d6gm-thtx-bqb7", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38506", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38498", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38507", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38522", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38459", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.3856", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38584", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38447", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257720", "reference_id": "2257720", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257720" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0002/", "reference_id": "ntap-20240201-0002", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:51:25Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933627?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933626?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933628?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-20932" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d6gm-thtx-bqb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64942?format=api", "vulnerability_id": "VCID-duy9-6f1p-vqah", "summary": "openjdk: Enhance Handling of URIs (Oracle CPU 2026-01)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09259", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09205", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09356", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09328", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09314", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0931", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09227", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09302", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09346", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119", "reference_id": "1126119", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429925", "reference_id": "2429925", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429925" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2026.html", "reference_id": "cpujan2026.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:55:36Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2026.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0849", "reference_id": "RHSA-2026:0849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0896", "reference_id": "RHSA-2026:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0898", "reference_id": "RHSA-2026:0898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0900", "reference_id": "RHSA-2026:0900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1606", "reference_id": "RHSA-2026:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1606" }, { "reference_url": "https://usn.ubuntu.com/7995-1/", "reference_id": "USN-7995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7995-1/" }, { "reference_url": "https://usn.ubuntu.com/7996-1/", "reference_id": "USN-7996-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7996-1/" }, { "reference_url": "https://usn.ubuntu.com/7997-1/", "reference_id": "USN-7997-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7997-1/" }, { "reference_url": "https://usn.ubuntu.com/7998-1/", "reference_id": "USN-7998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7998-1/" }, { "reference_url": "https://usn.ubuntu.com/8000-1/", "reference_id": "USN-8000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8000-1/" }, { "reference_url": "https://usn.ubuntu.com/8001-1/", "reference_id": "USN-8001-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8001-1/" }, { "reference_url": "https://usn.ubuntu.com/8002-1/", "reference_id": "USN-8002-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8002-1/" }, { "reference_url": "https://usn.ubuntu.com/8003-1/", "reference_id": "USN-8003-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8003-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933649?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933648?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933650?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2026-21932" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-duy9-6f1p-vqah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78479?format=api", "vulnerability_id": "VCID-dwh6-xw5k-mqg8", "summary": "OpenJDK: missing string checks for NULL characters (8296622)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25149", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25005", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25188", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.2496", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25029", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25073", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25087", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25047", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24993", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790", "reference_id": "2187790", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933619?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933618?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933620?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21937" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dwh6-xw5k-mqg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31965?format=api", "vulnerability_id": "VCID-dyg2-udwy-cud7", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.3604", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36098", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36104", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36066", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.3603", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.3608", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42145", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42172", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221645", "reference_id": "2221645", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221645" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4166", "reference_id": "RHSA-2023:4166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4167", "reference_id": "RHSA-2023:4167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4168", "reference_id": "RHSA-2023:4168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4172", "reference_id": "RHSA-2023:4172", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4172" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4173", "reference_id": "RHSA-2023:4173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4174", "reference_id": "RHSA-2023:4174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4176", "reference_id": "RHSA-2023:4176", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4178", "reference_id": "RHSA-2023:4178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4209", "reference_id": "RHSA-2023:4209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4212", "reference_id": "RHSA-2023:4212", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4212" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933621?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933622?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22045" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dyg2-udwy-cud7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68625?format=api", "vulnerability_id": "VCID-e6dm-6767-9kdk", "summary": "openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50059", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32274", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32136", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32311", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32212", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32669", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32603", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32641", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32631", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50059" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376785", "reference_id": "2376785", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376785" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2025.html", "reference_id": "cpujul2025.html", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-16T14:42:42Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10865", "reference_id": "RHSA-2025:10865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10866", "reference_id": "RHSA-2025:10866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10867", "reference_id": "RHSA-2025:10867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10868", "reference_id": "RHSA-2025:10868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10869", "reference_id": "RHSA-2025:10869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10870", "reference_id": "RHSA-2025:10870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10873", "reference_id": "RHSA-2025:10873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10874", "reference_id": "RHSA-2025:10874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10875", "reference_id": "RHSA-2025:10875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13656", "reference_id": "RHSA-2025:13656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7668-1/", "reference_id": "USN-7668-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7668-1/" }, { "reference_url": "https://usn.ubuntu.com/7669-1/", "reference_id": "USN-7669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7669-1/" }, { "reference_url": "https://usn.ubuntu.com/7672-1/", "reference_id": "USN-7672-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7672-1/" }, { "reference_url": "https://usn.ubuntu.com/7673-1/", "reference_id": "USN-7673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7673-1/" }, { "reference_url": "https://usn.ubuntu.com/7674-1/", "reference_id": "USN-7674-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7674-1/" }, { "reference_url": "https://usn.ubuntu.com/7690-1/", "reference_id": "USN-7690-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7690-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933644?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933643?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933645?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-50059" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6dm-6767-9kdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31971?format=api", "vulnerability_id": "VCID-fau4-ajny-nfbd", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40584", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40574", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40556", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40536", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40564", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40592", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40513", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40563", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257859", "reference_id": "2257859", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257859" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933627?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933626?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933628?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-20921" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fau4-ajny-nfbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78475?format=api", "vulnerability_id": "VCID-fhj9-p1gx-c7hp", "summary": "OpenJDK: incorrect enqueue of references in garbage collector (8298191)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15081", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15357", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15161", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15249", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15301", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1527", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15232", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15167", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187441", "reference_id": "2187441", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187441" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933619?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933618?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933620?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21954" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fhj9-p1gx-c7hp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31974?format=api", "vulnerability_id": "VCID-fwk5-wqvn-4qaz", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43714", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.4369", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43625", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43676", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.4368", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.437", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43668", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43651", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43665", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257850", "reference_id": "2257850", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257850" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0002/", "reference_id": "ntap-20240201-0002", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933627?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933626?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933628?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-20926" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fwk5-wqvn-4qaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34425?format=api", "vulnerability_id": "VCID-fwv1-sj5y-xygd", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21619.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21619.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49517", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49544", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49496", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49551", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49546", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49563", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49535", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49537", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49583", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133745", "reference_id": "2133745", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133745" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6999", "reference_id": "RHSA-2022:6999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7000", "reference_id": "RHSA-2022:7000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7001", "reference_id": "RHSA-2022:7001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7002", "reference_id": "RHSA-2022:7002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7003", "reference_id": "RHSA-2022:7003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7004", "reference_id": "RHSA-2022:7004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7005", "reference_id": "RHSA-2022:7005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7006", "reference_id": "RHSA-2022:7006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7007", "reference_id": "RHSA-2022:7007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7008", "reference_id": "RHSA-2022:7008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7009", "reference_id": "RHSA-2022:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7010", "reference_id": "RHSA-2022:7010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7011", "reference_id": "RHSA-2022:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7012", "reference_id": "RHSA-2022:7012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7013", "reference_id": "RHSA-2022:7013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7049", "reference_id": "RHSA-2022:7049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7050", "reference_id": "RHSA-2022:7050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7051", "reference_id": "RHSA-2022:7051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7052", "reference_id": "RHSA-2022:7052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7053", "reference_id": "RHSA-2022:7053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7054", "reference_id": "RHSA-2022:7054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8880", "reference_id": "RHSA-2022:8880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0128", "reference_id": "RHSA-2023:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0128" }, { "reference_url": "https://usn.ubuntu.com/5719-1/", "reference_id": "USN-5719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5719-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933615?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.5%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.5%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933616?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21619" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fwv1-sj5y-xygd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34356?format=api", "vulnerability_id": "VCID-g2fj-4mgh-23fs", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21283.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30847", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30894", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32867", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32868", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32829", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32803", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32846", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.3279", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32838", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041400", "reference_id": "2041400", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041400" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21283" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g2fj-4mgh-23fs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31966?format=api", "vulnerability_id": "VCID-gjgy-dfq7-zfb2", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20277", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20392", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20347", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20289", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20223", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20303", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20363", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24864", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24903", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221647", "reference_id": "2221647", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221647" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4166", "reference_id": "RHSA-2023:4166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4167", "reference_id": "RHSA-2023:4167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4168", "reference_id": "RHSA-2023:4168", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4168" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4172", "reference_id": "RHSA-2023:4172", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4172" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4173", "reference_id": "RHSA-2023:4173", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4173" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4174", "reference_id": "RHSA-2023:4174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4176", "reference_id": "RHSA-2023:4176", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4178", "reference_id": "RHSA-2023:4178", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4178" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4209", "reference_id": "RHSA-2023:4209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4212", "reference_id": "RHSA-2023:4212", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4212" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4876", "reference_id": "RHSA-2023:4876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4877", "reference_id": "RHSA-2023:4877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4877" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933621?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933622?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22049" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gjgy-dfq7-zfb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34339?format=api", "vulnerability_id": "VCID-gksn-mb6g-rue5", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35556.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35556.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33383", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33446", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33471", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33474", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33433", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.3341", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33519", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33552", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33392", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33437", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014515", "reference_id": "2014515", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014515" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5030", "reference_id": "RHSA-2021:5030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0310", "reference_id": "RHSA-2022:0310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0345", "reference_id": "RHSA-2022:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0345" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933607?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933608?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-35556" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gksn-mb6g-rue5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34426?format=api", "vulnerability_id": "VCID-h2w2-8e43-j3g6", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21624.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42206", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42234", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42175", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42226", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.4222", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42192", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42257", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00267", "scoring_system": "epss", "scoring_elements": "0.50242", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133765", "reference_id": "2133765", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133765" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6999", "reference_id": "RHSA-2022:6999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7000", "reference_id": "RHSA-2022:7000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7001", "reference_id": "RHSA-2022:7001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7002", "reference_id": "RHSA-2022:7002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7003", "reference_id": "RHSA-2022:7003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7004", "reference_id": "RHSA-2022:7004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7005", "reference_id": "RHSA-2022:7005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7006", "reference_id": "RHSA-2022:7006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7007", "reference_id": "RHSA-2022:7007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7008", "reference_id": "RHSA-2022:7008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7009", "reference_id": "RHSA-2022:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7010", "reference_id": "RHSA-2022:7010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7011", "reference_id": "RHSA-2022:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7012", "reference_id": "RHSA-2022:7012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7013", "reference_id": "RHSA-2022:7013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7049", "reference_id": "RHSA-2022:7049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7050", "reference_id": "RHSA-2022:7050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7051", "reference_id": "RHSA-2022:7051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7052", "reference_id": "RHSA-2022:7052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7053", "reference_id": "RHSA-2022:7053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7054", "reference_id": "RHSA-2022:7054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8880", "reference_id": "RHSA-2022:8880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0128", "reference_id": "RHSA-2023:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0128" }, { "reference_url": "https://usn.ubuntu.com/5719-1/", "reference_id": "USN-5719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5719-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933615?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.5%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.5%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933616?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21624" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h2w2-8e43-j3g6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76840?format=api", "vulnerability_id": "VCID-h7n1-qfs3-v3fw", "summary": "OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21012.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21012.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.3502", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35082", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34962", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35007", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35036", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.3504", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35004", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.3498", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35055", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274975", "reference_id": "2274975", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274975" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2024.html", "reference_id": "cpuapr2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0004/", "reference_id": "ntap-20240426-0004", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1819", "reference_id": "RHSA-2024:1819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1820", "reference_id": "RHSA-2024:1820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1821", "reference_id": "RHSA-2024:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1822", "reference_id": "RHSA-2024:1822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1823", "reference_id": "RHSA-2024:1823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1824", "reference_id": "RHSA-2024:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1825", "reference_id": "RHSA-2024:1825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1826", "reference_id": "RHSA-2024:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1827", "reference_id": "RHSA-2024:1827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1828", "reference_id": "RHSA-2024:1828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1828" }, { "reference_url": "https://usn.ubuntu.com/6811-1/", "reference_id": "USN-6811-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6811-1/" }, { "reference_url": "https://usn.ubuntu.com/6812-1/", "reference_id": "USN-6812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6812-1/" }, { "reference_url": "https://usn.ubuntu.com/6813-1/", "reference_id": "USN-6813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6813-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933630?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933629?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933631?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21012" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h7n1-qfs3-v3fw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34343?format=api", "vulnerability_id": "VCID-hdz7-kcy9-juah", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35564.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35564.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28817", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28793", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28773", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28867", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28755", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28948", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28898", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28862", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28822", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015061", "reference_id": "2015061", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015061" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/", "reference_id": "7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/", "reference_id": "DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5030", "reference_id": "RHSA-2021:5030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0310", "reference_id": "RHSA-2022:0310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0345", "reference_id": "RHSA-2022:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0345" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/", "reference_id": "V362B2BWTH5IJDL45QPQGMBKIQOG7JX5", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933607?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933608?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-35564" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hdz7-kcy9-juah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34342?format=api", "vulnerability_id": "VCID-he8f-erpk-sqh8", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35561.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35561.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38981", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39136", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39168", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.3919", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39189", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39109", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39163", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.3918", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39192", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39155", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014524", "reference_id": "2014524", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2014524" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/", "reference_id": "7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/", "reference_id": "DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4959", "reference_id": "RHSA-2022:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5837", "reference_id": "RHSA-2022:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5837" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/", "reference_id": "V362B2BWTH5IJDL45QPQGMBKIQOG7JX5", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933607?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933608?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-35561" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-he8f-erpk-sqh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79484?format=api", "vulnerability_id": "VCID-hx4c-96gx-2fbq", "summary": "OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21426.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21426.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19371", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19476", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19231", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19268", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19326", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19374", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19524", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1924", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19319", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075788", "reference_id": "2075788", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075788" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3136", "reference_id": "RHSA-2023:3136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3136" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933612?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933611?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21426" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hx4c-96gx-2fbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34429?format=api", "vulnerability_id": "VCID-jm9f-9y4b-qye7", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39399.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39399.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52035", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52061", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52027", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52081", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52077", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52129", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52113", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52098", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00286", "scoring_system": "epss", "scoring_elements": "0.52138", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133776", "reference_id": "2133776", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133776" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6999", "reference_id": "RHSA-2022:6999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7000", "reference_id": "RHSA-2022:7000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7001", "reference_id": "RHSA-2022:7001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7008", "reference_id": "RHSA-2022:7008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7009", "reference_id": "RHSA-2022:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7010", "reference_id": "RHSA-2022:7010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7011", "reference_id": "RHSA-2022:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7012", "reference_id": "RHSA-2022:7012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7013", "reference_id": "RHSA-2022:7013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7051", "reference_id": "RHSA-2022:7051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7052", "reference_id": "RHSA-2022:7052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7053", "reference_id": "RHSA-2022:7053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7054", "reference_id": "RHSA-2022:7054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7054" }, { "reference_url": "https://usn.ubuntu.com/5719-1/", "reference_id": "USN-5719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5719-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933615?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.5%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.5%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933616?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-39399" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jm9f-9y4b-qye7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31960?format=api", "vulnerability_id": "VCID-jw6x-cntu-nfht", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.27022", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26812", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26881", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26928", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26932", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26888", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26831", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26838", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221634", "reference_id": "2221634", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221634" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933621?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933622?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22036" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jw6x-cntu-nfht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31976?format=api", "vulnerability_id": "VCID-jztz-7cuw-t7ep", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1208", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12267", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12229", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12193", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12285", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12331", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1213", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12211", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1226", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257874", "reference_id": "2257874", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257874" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933627?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933626?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933628?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-20945" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jztz-7cuw-t7ep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79486?format=api", "vulnerability_id": "VCID-kngz-x6mk-fqer", "summary": "OpenJDK: Improper ECDSA signature verification (Libraries, 8277233)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21449.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21449.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.34335", "scoring_system": "epss", "scoring_elements": "0.96995", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.34335", "scoring_system": "epss", "scoring_elements": "0.96984", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.34335", "scoring_system": "epss", "scoring_elements": "0.96986", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.34898", "scoring_system": "epss", "scoring_elements": "0.97016", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.34898", "scoring_system": "epss", "scoring_elements": "0.97001", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.34898", "scoring_system": "epss", "scoring_elements": "0.97005", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.34898", "scoring_system": "epss", "scoring_elements": "0.97017", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.34898", "scoring_system": "epss", "scoring_elements": "0.97006", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/29/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/04/29/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/30/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/04/30/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/05/01/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/05/01/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/05/02/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/05/02/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/28/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/04/28/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/30/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/04/30/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/05/01/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/05/01/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075821", "reference_id": "2075821", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075821" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/28/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/04/28/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/30/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/04/30/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/28/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/04/28/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/30/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/04/30/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/28/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/04/28/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/28/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/04/28/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/04/28/7", "reference_id": "7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2022/04/28/7" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933612?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933611?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21449" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kngz-x6mk-fqer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78474?format=api", "vulnerability_id": "VCID-kq78-adbv-67a7", "summary": "OpenJDK: improper connection handling during TLS handshake (8294474)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36258", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36276", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36239", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36214", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36941", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36908", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36839", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36824", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00159", "scoring_system": "epss", "scoring_elements": "0.36774", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435", "reference_id": "2187435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933619?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933618?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933620?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21930" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kq78-adbv-67a7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34424?format=api", "vulnerability_id": "VCID-m3e1-5tfw-uyhv", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52551", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52577", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52544", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52595", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52589", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52639", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52623", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52609", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52648", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133817", "reference_id": "2133817", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133817" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6999", "reference_id": "RHSA-2022:6999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7000", "reference_id": "RHSA-2022:7000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7001", "reference_id": "RHSA-2022:7001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7008", "reference_id": "RHSA-2022:7008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7009", "reference_id": "RHSA-2022:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7010", "reference_id": "RHSA-2022:7010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7011", "reference_id": "RHSA-2022:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7012", "reference_id": "RHSA-2022:7012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7013", "reference_id": "RHSA-2022:7013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7051", "reference_id": "RHSA-2022:7051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7052", "reference_id": "RHSA-2022:7052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7053", "reference_id": "RHSA-2022:7053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7054", "reference_id": "RHSA-2022:7054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7054" }, { "reference_url": "https://usn.ubuntu.com/5719-1/", "reference_id": "USN-5719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5719-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933615?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.5%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.5%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933616?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21618" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m3e1-5tfw-uyhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64941?format=api", "vulnerability_id": "VCID-mt9c-tby1-wqe9", "summary": "openjdk: Improve JMX connections (Oracle CPU 2026-01)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21925", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10163", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10104", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10292", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10232", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10229", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10125", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.102", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1026", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21925" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119", "reference_id": "1126119", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429924", "reference_id": "2429924", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429924" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2026.html", "reference_id": "cpujan2026.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:50:27Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2026.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0847", "reference_id": "RHSA-2026:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0848", "reference_id": "RHSA-2026:0848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0849", "reference_id": "RHSA-2026:0849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0895", "reference_id": "RHSA-2026:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0896", "reference_id": "RHSA-2026:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0897", "reference_id": "RHSA-2026:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0898", "reference_id": "RHSA-2026:0898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0899", "reference_id": "RHSA-2026:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0900", "reference_id": "RHSA-2026:0900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0901", "reference_id": "RHSA-2026:0901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0927", "reference_id": "RHSA-2026:0927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0928", "reference_id": "RHSA-2026:0928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0931", "reference_id": "RHSA-2026:0931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0932", "reference_id": "RHSA-2026:0932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0933", "reference_id": "RHSA-2026:0933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1606", "reference_id": "RHSA-2026:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4832", "reference_id": "RHSA-2026:4832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4832" }, { "reference_url": "https://usn.ubuntu.com/7995-1/", "reference_id": "USN-7995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7995-1/" }, { "reference_url": "https://usn.ubuntu.com/7996-1/", "reference_id": "USN-7996-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7996-1/" }, { "reference_url": "https://usn.ubuntu.com/7997-1/", "reference_id": "USN-7997-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7997-1/" }, { "reference_url": "https://usn.ubuntu.com/7998-1/", "reference_id": "USN-7998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7998-1/" }, { "reference_url": "https://usn.ubuntu.com/8000-1/", "reference_id": "USN-8000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8000-1/" }, { "reference_url": "https://usn.ubuntu.com/8001-1/", "reference_id": "USN-8001-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8001-1/" }, { "reference_url": "https://usn.ubuntu.com/8002-1/", "reference_id": "USN-8002-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8002-1/" }, { "reference_url": "https://usn.ubuntu.com/8003-1/", "reference_id": "USN-8003-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8003-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933649?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933648?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933650?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.18%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2026-21925" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mt9c-tby1-wqe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34373?format=api", "vulnerability_id": "VCID-mumk-x95v-bfc8", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21366.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21366.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37445", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.3747", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75412", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.7539", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75378", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.7542", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75338", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75382", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21366" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041789", "reference_id": "2041789", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041789" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21366" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mumk-x95v-bfc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74710?format=api", "vulnerability_id": "VCID-n71d-tx76-vbbd", "summary": "OpenJDK: Out-of-bounds access in 2D image handling (8324559)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21145.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21145.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63666", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63595", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63647", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63663", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63678", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.6363", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63609", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63636", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297976", "reference_id": "2297976", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297976" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2024.html", "reference_id": "cpujul2024.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:58:12Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2024.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240719-0008/", "reference_id": "ntap-20240719-0008", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:58:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240719-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4560", "reference_id": "RHSA-2024:4560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4561", "reference_id": "RHSA-2024:4561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4562", "reference_id": "RHSA-2024:4562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4563", "reference_id": "RHSA-2024:4563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4564", "reference_id": "RHSA-2024:4564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4565", "reference_id": "RHSA-2024:4565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4566", "reference_id": "RHSA-2024:4566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4567", "reference_id": "RHSA-2024:4567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4568", "reference_id": "RHSA-2024:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4569", "reference_id": "RHSA-2024:4569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4570", "reference_id": "RHSA-2024:4570", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4571", "reference_id": "RHSA-2024:4571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4572", "reference_id": "RHSA-2024:4572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4573", "reference_id": "RHSA-2024:4573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4573" }, { "reference_url": "https://usn.ubuntu.com/6929-1/", "reference_id": "USN-6929-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6929-1/" }, { "reference_url": "https://usn.ubuntu.com/6930-1/", "reference_id": "USN-6930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6930-1/" }, { "reference_url": "https://usn.ubuntu.com/6931-1/", "reference_id": "USN-6931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6931-1/" }, { "reference_url": "https://usn.ubuntu.com/6932-1/", "reference_id": "USN-6932-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6932-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933633?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933632?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21145" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n71d-tx76-vbbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34354?format=api", "vulnerability_id": "VCID-ne6z-gg9f-qkcy", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21282.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21282.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.33007", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.33041", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32871", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32918", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.3295", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32912", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32887", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32926", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041435", "reference_id": "2041435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041435" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21282" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ne6z-gg9f-qkcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31970?format=api", "vulnerability_id": "VCID-nr6u-aysf-7kgk", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38242", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38255", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.3822", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38196", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38309", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38178", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38228", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38237", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257853", "reference_id": "2257853", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257853" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933627?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933626?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933628?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-20919" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nr6u-aysf-7kgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71990?format=api", "vulnerability_id": "VCID-ntga-y6cv-a3df", "summary": "openjdk: Enhance array handling (Oracle CPU 2025-01)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-21502", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42064", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42104", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42116", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42079", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42054", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42092", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42029", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42081", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42094", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-21502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2338992", "reference_id": "2338992", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2338992" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2025.html", "reference_id": "cpujan2025.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T16:29:12Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0421", "reference_id": "RHSA-2025:0421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0422", "reference_id": "RHSA-2025:0422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0423", "reference_id": "RHSA-2025:0423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0424", "reference_id": "RHSA-2025:0424", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0425", "reference_id": "RHSA-2025:0425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0426", "reference_id": "RHSA-2025:0426", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0426" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0427", "reference_id": "RHSA-2025:0427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0428", "reference_id": "RHSA-2025:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0429", "reference_id": "RHSA-2025:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1154", "reference_id": "RHSA-2025:1154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2615", "reference_id": "RHSA-2025:2615", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2615" }, { "reference_url": "https://usn.ubuntu.com/7252-1/", "reference_id": "USN-7252-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7252-1/" }, { "reference_url": "https://usn.ubuntu.com/7253-1/", "reference_id": "USN-7253-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7253-1/" }, { "reference_url": "https://usn.ubuntu.com/7254-1/", "reference_id": "USN-7254-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7254-1/" }, { "reference_url": "https://usn.ubuntu.com/7255-1/", "reference_id": "USN-7255-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7255-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933638?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.14%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.14%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933637?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.14%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.14%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933639?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.14%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.14%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-21502" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntga-y6cv-a3df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66831?format=api", "vulnerability_id": "VCID-nxx8-nehy-qyhg", "summary": "openjdk: Enhance Path Factories (Oracle CPU 2025-10)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17073", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17241", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17193", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17132", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17335", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17115", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17207", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17263", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944", "reference_id": "1118944", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403063", "reference_id": "2403063", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403063" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2025.html", "reference_id": "cpuoct2025.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T19:44:34Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18814", "reference_id": "RHSA-2025:18814", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18814" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18815", "reference_id": "RHSA-2025:18815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18816", "reference_id": "RHSA-2025:18816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18817", "reference_id": "RHSA-2025:18817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18818", "reference_id": "RHSA-2025:18818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18819", "reference_id": "RHSA-2025:18819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18820", "reference_id": "RHSA-2025:18820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18821", "reference_id": "RHSA-2025:18821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18822", "reference_id": "RHSA-2025:18822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18823", "reference_id": "RHSA-2025:18823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18824", "reference_id": "RHSA-2025:18824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18825", "reference_id": "RHSA-2025:18825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18826", "reference_id": "RHSA-2025:18826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21485", "reference_id": "RHSA-2025:21485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22370", "reference_id": "RHSA-2025:22370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22672", "reference_id": "RHSA-2025:22672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22672" }, { "reference_url": "https://usn.ubuntu.com/7881-1/", "reference_id": "USN-7881-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7881-1/" }, { "reference_url": "https://usn.ubuntu.com/7882-1/", "reference_id": "USN-7882-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7882-1/" }, { "reference_url": "https://usn.ubuntu.com/7883-1/", "reference_id": "USN-7883-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7883-1/" }, { "reference_url": "https://usn.ubuntu.com/7884-1/", "reference_id": "USN-7884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7884-1/" }, { "reference_url": "https://usn.ubuntu.com/7885-1/", "reference_id": "USN-7885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7885-1/" }, { "reference_url": "https://usn.ubuntu.com/7900-1/", "reference_id": "USN-7900-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7900-1/" }, { "reference_url": "https://usn.ubuntu.com/7901-1/", "reference_id": "USN-7901-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7901-1/" }, { "reference_url": "https://usn.ubuntu.com/7902-1/", "reference_id": "USN-7902-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7902-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933646?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933647?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-53066" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nxx8-nehy-qyhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34350?format=api", "vulnerability_id": "VCID-p5ye-19wy-ayb8", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35603.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35603.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31435", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31485", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3157", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31474", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3144", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31477", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31514", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31613", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31432", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015311", "reference_id": "2015311", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015311" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933607?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933608?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-35603" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p5ye-19wy-ayb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68624?format=api", "vulnerability_id": "VCID-p9na-7jta-9yg4", "summary": "openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30754", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.3003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29891", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30077", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29952", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29988", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30396", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30305", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30321", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30352", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376784", "reference_id": "2376784", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376784" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2025.html", "reference_id": "cpujul2025.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-16T15:31:20Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10861", "reference_id": "RHSA-2025:10861", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10862", "reference_id": "RHSA-2025:10862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10863", "reference_id": "RHSA-2025:10863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10864", "reference_id": "RHSA-2025:10864", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10864" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10865", "reference_id": "RHSA-2025:10865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10866", "reference_id": "RHSA-2025:10866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10867", "reference_id": "RHSA-2025:10867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10868", "reference_id": "RHSA-2025:10868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10869", "reference_id": "RHSA-2025:10869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10870", "reference_id": "RHSA-2025:10870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10873", "reference_id": "RHSA-2025:10873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10874", "reference_id": "RHSA-2025:10874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10875", "reference_id": "RHSA-2025:10875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13656", "reference_id": "RHSA-2025:13656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13675", "reference_id": "RHSA-2025:13675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13675" }, { "reference_url": "https://usn.ubuntu.com/7667-1/", "reference_id": "USN-7667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7667-1/" }, { "reference_url": "https://usn.ubuntu.com/7668-1/", "reference_id": "USN-7668-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7668-1/" }, { "reference_url": "https://usn.ubuntu.com/7669-1/", "reference_id": "USN-7669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7669-1/" }, { "reference_url": "https://usn.ubuntu.com/7672-1/", "reference_id": "USN-7672-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7672-1/" }, { "reference_url": "https://usn.ubuntu.com/7673-1/", "reference_id": "USN-7673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7673-1/" }, { "reference_url": "https://usn.ubuntu.com/7674-1/", "reference_id": "USN-7674-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7674-1/" }, { "reference_url": "https://usn.ubuntu.com/7690-1/", "reference_id": "USN-7690-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7690-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933644?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933643?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933645?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-30754" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p9na-7jta-9yg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78478?format=api", "vulnerability_id": "VCID-q5gr-6u92-6ybk", "summary": "OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25149", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25005", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25188", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.2496", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25029", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25073", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25087", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25047", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24993", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758", "reference_id": "2187758", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933619?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933618?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933620?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21938" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q5gr-6u92-6ybk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/53969?format=api", "vulnerability_id": "VCID-rfs8-njaq-qkc8", "summary": "Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets\nThe Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.\n\nA fix for this issue was published in September 2022 as part of an anticipated 2.7.3 release.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91216", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91212", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91206", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91199", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91186", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91215", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06658", "scoring_system": "epss", "scoring_elements": "0.91239", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.08992", "scoring_system": "epss", "scoring_elements": "0.92592", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08992", "scoring_system": "epss", "scoring_elements": "0.92585", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-34169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573" }, { "reference_url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21" }, { "reference_url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw" }, { "reference_url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8" }, { "reference_url": "https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169" }, { "reference_url": "https://security.gentoo.org/glsa/202401-25", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202401-25" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220729-0009", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220729-0009" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5188", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2022/dsa-5188" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5192", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2022/dsa-5192" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5256", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2022/dsa-5256" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2022.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "reference_url": "https://xalan.apache.org", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://xalan.apache.org" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/19/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/19/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/20/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/20/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/07/20/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/07/20/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/10/18/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/10/18/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/04/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/04/8" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2022/11/07/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860", "reference_id": "1015860", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", "reference_id": "2108554", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "reference_url": "https://github.com/advisories/GHSA-9339-86wc-4qgf", "reference_id": "GHSA-9339-86wc-4qgf", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9339-86wc-4qgf" }, { "reference_url": "https://security.gentoo.org/glsa/202405-16", "reference_id": "GLSA-202405-16", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-16" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5681", "reference_id": "RHSA-2022:5681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5683", "reference_id": "RHSA-2022:5683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5684", "reference_id": "RHSA-2022:5684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5685", "reference_id": "RHSA-2022:5685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5687", "reference_id": "RHSA-2022:5687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5695", "reference_id": "RHSA-2022:5695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5696", "reference_id": "RHSA-2022:5696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5697", "reference_id": "RHSA-2022:5697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5698", "reference_id": "RHSA-2022:5698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5700", "reference_id": "RHSA-2022:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5701", "reference_id": "RHSA-2022:5701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5709", "reference_id": "RHSA-2022:5709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5726", "reference_id": "RHSA-2022:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5736", "reference_id": "RHSA-2022:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5753", "reference_id": "RHSA-2022:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5754", "reference_id": "RHSA-2022:5754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5755", "reference_id": "RHSA-2022:5755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5756", "reference_id": "RHSA-2022:5756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5757", "reference_id": "RHSA-2022:5757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5758", "reference_id": "RHSA-2022:5758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3708", "reference_id": "RHSA-2024:3708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3708" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933614?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.4%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933613?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.4%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-34169", "GHSA-9339-86wc-4qgf" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rfs8-njaq-qkc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34362?format=api", "vulnerability_id": "VCID-rgbz-akft-f7e6", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21296.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21296.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.33007", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.33041", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32871", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32918", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.3295", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32912", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32887", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32926", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041439", "reference_id": "2041439", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041439" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21296" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rgbz-akft-f7e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74713?format=api", "vulnerability_id": "VCID-rggy-f3va-mfay", "summary": "OpenJDK: RangeCheckElimination array index overflow (8323231)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72522", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72472", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72485", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72508", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.7249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.7248", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.7244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72458", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72434", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297977", "reference_id": "2297977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297977" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2024.html", "reference_id": "cpujul2024.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T13:58:31Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2024.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240719-0008/", "reference_id": "ntap-20240719-0008", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T13:58:31Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240719-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4560", "reference_id": "RHSA-2024:4560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4561", "reference_id": "RHSA-2024:4561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4562", "reference_id": "RHSA-2024:4562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4563", "reference_id": "RHSA-2024:4563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4564", "reference_id": "RHSA-2024:4564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4565", "reference_id": "RHSA-2024:4565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4566", "reference_id": "RHSA-2024:4566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4567", "reference_id": "RHSA-2024:4567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4568", "reference_id": "RHSA-2024:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4569", "reference_id": "RHSA-2024:4569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4570", "reference_id": "RHSA-2024:4570", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4571", "reference_id": "RHSA-2024:4571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4572", "reference_id": "RHSA-2024:4572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4573", "reference_id": "RHSA-2024:4573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4573" }, { "reference_url": "https://usn.ubuntu.com/6929-1/", "reference_id": "USN-6929-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6929-1/" }, { "reference_url": "https://usn.ubuntu.com/6930-1/", "reference_id": "USN-6930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6930-1/" }, { "reference_url": "https://usn.ubuntu.com/6931-1/", "reference_id": "USN-6931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6931-1/" }, { "reference_url": "https://usn.ubuntu.com/6932-1/", "reference_id": "USN-6932-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6932-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933633?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933632?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21147" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rggy-f3va-mfay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34365?format=api", "vulnerability_id": "VCID-shg1-t3nh-67hk", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21305.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21305.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45854", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45875", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45825", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45881", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45878", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.459", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.4587", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45877", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.4593", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041878", "reference_id": "2041878", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041878" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21305" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-shg1-t3nh-67hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60301?format=api", "vulnerability_id": "VCID-t4r8-ujpb-5kdk", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60711", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60804", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60741", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60706", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60755", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.6077", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60795", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60781", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60761", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108543", "reference_id": "2108543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108543" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/", "reference_id": "H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/", "reference_id": "I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/", "reference_id": "JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/", "reference_id": "KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/", "reference_id": "L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220729-0009/", "reference_id": "ntap-20220729-0009", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220729-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5681", "reference_id": "RHSA-2022:5681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5683", "reference_id": "RHSA-2022:5683", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5683" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5684", "reference_id": "RHSA-2022:5684", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5684" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5685", "reference_id": "RHSA-2022:5685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5687", "reference_id": "RHSA-2022:5687", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5687" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5695", "reference_id": "RHSA-2022:5695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5696", "reference_id": "RHSA-2022:5696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5697", "reference_id": "RHSA-2022:5697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5698", "reference_id": "RHSA-2022:5698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5700", "reference_id": "RHSA-2022:5700", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5700" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5701", "reference_id": "RHSA-2022:5701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5709", "reference_id": "RHSA-2022:5709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5726", "reference_id": "RHSA-2022:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5736", "reference_id": "RHSA-2022:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5753", "reference_id": "RHSA-2022:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5754", "reference_id": "RHSA-2022:5754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5755", "reference_id": "RHSA-2022:5755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5756", "reference_id": "RHSA-2022:5756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5757", "reference_id": "RHSA-2022:5757", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5757" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5758", "reference_id": "RHSA-2022:5758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5758" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/", "reference_id": "YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933614?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.4%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933613?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.4%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21541" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4r8-ujpb-5kdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34357?format=api", "vulnerability_id": "VCID-tna8-m3b1-nkhn", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21291.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21291.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32017", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32057", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32861", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32862", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32824", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32799", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32841", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32785", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32832", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041831", "reference_id": "2041831", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041831" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21291" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tna8-m3b1-nkhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34367?format=api", "vulnerability_id": "VCID-tr4r-wm4s-auej", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21340.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21340.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06446", "scoring_system": "epss", "scoring_elements": "0.91022", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06446", "scoring_system": "epss", "scoring_elements": "0.91031", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06446", "scoring_system": "epss", "scoring_elements": "0.9104", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06446", "scoring_system": "epss", "scoring_elements": "0.91052", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06446", "scoring_system": "epss", "scoring_elements": "0.91059", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06446", "scoring_system": "epss", "scoring_elements": "0.91067", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06446", "scoring_system": "epss", "scoring_elements": "0.91091", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041884", "reference_id": "2041884", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041884" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21340" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tr4r-wm4s-auej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70363?format=api", "vulnerability_id": "VCID-u81s-cs95-4yhx", "summary": "openjdk: Better TLS connection support (Oracle CPU 2025-04)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-21587", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.687", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68788", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68789", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68775", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68746", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68718", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68696", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68748", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68767", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-21587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897", "reference_id": "1103897", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898", "reference_id": "1103898", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899", "reference_id": "1103899", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900", "reference_id": "1103900", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359695", "reference_id": "2359695", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359695" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2025.html", "reference_id": "cpuapr2025.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T03:55:41Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3844", "reference_id": "RHSA-2025:3844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3845", "reference_id": "RHSA-2025:3845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3846", "reference_id": "RHSA-2025:3846", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3846" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3847", "reference_id": "RHSA-2025:3847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3848", "reference_id": "RHSA-2025:3848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3849", "reference_id": "RHSA-2025:3849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3850", "reference_id": "RHSA-2025:3850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3852", "reference_id": "RHSA-2025:3852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3853", "reference_id": "RHSA-2025:3853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3854", "reference_id": "RHSA-2025:3854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3855", "reference_id": "RHSA-2025:3855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3856", "reference_id": "RHSA-2025:3856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3857", "reference_id": "RHSA-2025:3857", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3857" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7508", "reference_id": "RHSA-2025:7508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8063", "reference_id": "RHSA-2025:8063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8431", "reference_id": "RHSA-2025:8431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8431" }, { "reference_url": "https://usn.ubuntu.com/7480-1/", "reference_id": "USN-7480-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7480-1/" }, { "reference_url": "https://usn.ubuntu.com/7481-1/", "reference_id": "USN-7481-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7481-1/" }, { "reference_url": "https://usn.ubuntu.com/7482-1/", "reference_id": "USN-7482-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7482-1/" }, { "reference_url": "https://usn.ubuntu.com/7483-1/", "reference_id": "USN-7483-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7483-1/" }, { "reference_url": "https://usn.ubuntu.com/7484-1/", "reference_id": "USN-7484-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7484-1/" }, { "reference_url": "https://usn.ubuntu.com/7531-1/", "reference_id": "USN-7531-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7531-1/" }, { "reference_url": "https://usn.ubuntu.com/7533-1/", "reference_id": "USN-7533-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7533-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933641?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933640?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933642?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.15%2B6-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-21587" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u81s-cs95-4yhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34331?format=api", "vulnerability_id": "VCID-u9xe-x4f1-9fc8", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2163.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2163.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2163", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26911", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26803", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2695", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26777", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26846", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26893", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26896", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26852", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26795", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-2163" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2163", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2163" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951217", "reference_id": "1951217", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951217" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/", "reference_id": "5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/" }, { "reference_url": "https://security.archlinux.org/AVG-1847", "reference_id": "AVG-1847", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1847" }, { "reference_url": "https://security.archlinux.org/AVG-1848", "reference_id": "AVG-1848", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1848" }, { "reference_url": "https://security.archlinux.org/AVG-1849", "reference_id": "AVG-1849", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1849" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/", "reference_id": "CFXOKM2233JVGYDOWW77BN54X3GZTIBK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/", "reference_id": "CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/" }, { "reference_url": "https://www.debian.org/security/2021/dsa-4899", "reference_id": "dsa-4899", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://www.debian.org/security/2021/dsa-4899" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/", "reference_id": "MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html", "reference_id": "msg00021.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/", "reference_id": "MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20210513-0001/", "reference_id": "ntap-20210513-0001", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20210513-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1297", "reference_id": "RHSA-2021:1297", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1297" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1298", "reference_id": "RHSA-2021:1298", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1298" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1299", "reference_id": "RHSA-2021:1299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1301", "reference_id": "RHSA-2021:1301", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1301" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1305", "reference_id": "RHSA-2021:1305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1306", "reference_id": "RHSA-2021:1306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1307", "reference_id": "RHSA-2021:1307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1315", "reference_id": "RHSA-2021:1315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1444", "reference_id": "RHSA-2021:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1445", "reference_id": "RHSA-2021:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1446", "reference_id": "RHSA-2021:1446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1447", "reference_id": "RHSA-2021:1447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6735", "reference_id": "RHSA-2022:6735", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6735" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6755", "reference_id": "RHSA-2022:6755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6756", "reference_id": "RHSA-2022:6756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6756" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/", "reference_id": "UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/" }, { "reference_url": "https://usn.ubuntu.com/4892-1/", "reference_id": "USN-4892-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4892-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933606?format=api", "purl": "pkg:deb/debian/openjdk-17@17~19-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17~19-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-2163" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9xe-x4f1-9fc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34428?format=api", "vulnerability_id": "VCID-um54-6ggz-gqf9", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21628.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21628.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48077", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48105", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48094", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48119", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48096", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48101", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48048", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00404", "scoring_system": "epss", "scoring_elements": "0.60977", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133769", "reference_id": "2133769", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2133769" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/", "reference_id": "37QDWJBGEPP65X43NXQTXQ7KASLUHON6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/", "reference_id": "3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/", "reference_id": "3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/", "reference_id": "EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/", "reference_id": "HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221028-0012/", "reference_id": "ntap-20221028-0012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221028-0012/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/", "reference_id": "PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6999", "reference_id": "RHSA-2022:6999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7000", "reference_id": "RHSA-2022:7000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7001", "reference_id": "RHSA-2022:7001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7002", "reference_id": "RHSA-2022:7002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7003", "reference_id": "RHSA-2022:7003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7004", "reference_id": "RHSA-2022:7004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7005", "reference_id": "RHSA-2022:7005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7006", "reference_id": "RHSA-2022:7006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7007", "reference_id": "RHSA-2022:7007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7008", "reference_id": "RHSA-2022:7008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7009", "reference_id": "RHSA-2022:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7010", "reference_id": "RHSA-2022:7010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7011", "reference_id": "RHSA-2022:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7012", "reference_id": "RHSA-2022:7012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7013", "reference_id": "RHSA-2022:7013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7049", "reference_id": "RHSA-2022:7049", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7049" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7050", "reference_id": "RHSA-2022:7050", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7050" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7051", "reference_id": "RHSA-2022:7051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7052", "reference_id": "RHSA-2022:7052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7053", "reference_id": "RHSA-2022:7053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7054", "reference_id": "RHSA-2022:7054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7054" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8880", "reference_id": "RHSA-2022:8880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0128", "reference_id": "RHSA-2023:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0128" }, { "reference_url": "https://usn.ubuntu.com/5719-1/", "reference_id": "USN-5719-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5719-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933615?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.5%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.5%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933616?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21628" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-um54-6ggz-gqf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68627?format=api", "vulnerability_id": "VCID-vbw8-4j9f-eya5", "summary": "openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50106", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46067", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46035", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46088", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46091", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46089", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49267", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49245", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49292", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.4924", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50106" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379031", "reference_id": "2379031", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379031" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2025.html", "reference_id": "cpujul2025.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:22:48Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10861", "reference_id": "RHSA-2025:10861", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10862", "reference_id": "RHSA-2025:10862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10863", "reference_id": "RHSA-2025:10863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10864", "reference_id": "RHSA-2025:10864", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10864" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10865", "reference_id": "RHSA-2025:10865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10866", "reference_id": "RHSA-2025:10866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10867", "reference_id": "RHSA-2025:10867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10868", "reference_id": "RHSA-2025:10868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10869", "reference_id": "RHSA-2025:10869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10870", "reference_id": "RHSA-2025:10870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10873", "reference_id": "RHSA-2025:10873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10874", "reference_id": "RHSA-2025:10874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10875", "reference_id": "RHSA-2025:10875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13656", "reference_id": "RHSA-2025:13656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13675", "reference_id": "RHSA-2025:13675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13675" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7667-1/", "reference_id": "USN-7667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7667-1/" }, { "reference_url": "https://usn.ubuntu.com/7668-1/", "reference_id": "USN-7668-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7668-1/" }, { "reference_url": "https://usn.ubuntu.com/7669-1/", "reference_id": "USN-7669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7669-1/" }, { "reference_url": "https://usn.ubuntu.com/7672-1/", "reference_id": "USN-7672-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7672-1/" }, { "reference_url": "https://usn.ubuntu.com/7673-1/", "reference_id": "USN-7673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7673-1/" }, { "reference_url": "https://usn.ubuntu.com/7674-1/", "reference_id": "USN-7674-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7674-1/" }, { "reference_url": "https://usn.ubuntu.com/7690-1/", "reference_id": "USN-7690-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7690-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933644?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933643?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933645?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.16%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-50106" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vbw8-4j9f-eya5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31978?format=api", "vulnerability_id": "VCID-vpnc-yu7r-bqb6", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21208", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16971", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17144", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17096", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17036", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1719", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17241", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17021", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17111", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17169", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21208" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318526", "reference_id": "2318526", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318526" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933635?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933636?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933634?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-2~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-2~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21208" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vpnc-yu7r-bqb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31959?format=api", "vulnerability_id": "VCID-vuhe-re6z-8kax", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22025.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22025.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32344", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32251", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32382", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32207", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32256", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32285", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32286", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32248", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32217", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243805", "reference_id": "2243805", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243805" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5548", "reference_id": "dsa-5548", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:28:29Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5548" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0006/", "reference_id": "ntap-20231027-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:28:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5745", "reference_id": "RHSA-2023:5745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5746", "reference_id": "RHSA-2023:5746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5747", "reference_id": "RHSA-2023:5747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5750", "reference_id": "RHSA-2023:5750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5751", "reference_id": "RHSA-2023:5751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5752", "reference_id": "RHSA-2023:5752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5753", "reference_id": "RHSA-2023:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6738", "reference_id": "RHSA-2023:6738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6887", "reference_id": "RHSA-2023:6887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6887" }, { "reference_url": "https://usn.ubuntu.com/6527-1/", "reference_id": "USN-6527-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6527-1/" }, { "reference_url": "https://usn.ubuntu.com/6528-1/", "reference_id": "USN-6528-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6528-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933624?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.9%2B9-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933623?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.9%2B9-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933625?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.9%2B9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22025" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vuhe-re6z-8kax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31969?format=api", "vulnerability_id": "VCID-wn4r-ugaa-5ydb", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46999", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.4694", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46888", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46942", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46963", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46936", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46944", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46923", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257728", "reference_id": "2257728", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257728" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0002/", "reference_id": "ntap-20240201-0002", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933627?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933626?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933628?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-20918" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wn4r-ugaa-5ydb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34363?format=api", "vulnerability_id": "VCID-ws4h-edpn-nudd", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21299.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21299.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26898", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26933", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2672", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26789", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26838", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26841", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26796", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26739", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26747", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041472", "reference_id": "2041472", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041472" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4918", "reference_id": "RHSA-2022:4918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4919", "reference_id": "RHSA-2022:4919", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4919" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4922", "reference_id": "RHSA-2022:4922", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21299" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ws4h-edpn-nudd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31957?format=api", "vulnerability_id": "VCID-x4ms-sbj7-aufu", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35272", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.353", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35226", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35251", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35255", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.3522", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35196", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35235", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221626", "reference_id": "2221626", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221626" }, { "reference_url": "https://security.gentoo.org/glsa/202407-24", "reference_id": "GLSA-202407-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-24" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4157", "reference_id": "RHSA-2023:4157", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4158", "reference_id": "RHSA-2023:4158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4159", "reference_id": "RHSA-2023:4159", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4159" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4161", "reference_id": "RHSA-2023:4161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4162", "reference_id": "RHSA-2023:4162", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4162" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4163", "reference_id": "RHSA-2023:4163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4164", "reference_id": "RHSA-2023:4164", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4165", "reference_id": "RHSA-2023:4165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4169", "reference_id": "RHSA-2023:4169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4170", "reference_id": "RHSA-2023:4170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4171", "reference_id": "RHSA-2023:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4175", "reference_id": "RHSA-2023:4175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4177", "reference_id": "RHSA-2023:4177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4208", "reference_id": "RHSA-2023:4208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4210", "reference_id": "RHSA-2023:4210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4211", "reference_id": "RHSA-2023:4211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4233", "reference_id": "RHSA-2023:4233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4233" }, { "reference_url": "https://usn.ubuntu.com/6263-1/", "reference_id": "USN-6263-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6263-1/" }, { "reference_url": "https://usn.ubuntu.com/6272-1/", "reference_id": "USN-6272-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6272-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933621?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933622?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-22006" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x4ms-sbj7-aufu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34351?format=api", "vulnerability_id": "VCID-xfqx-d3jw-yuhn", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21248.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21248.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24337", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24196", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2437", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24153", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24263", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2428", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24237", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2418", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041801", "reference_id": "2041801", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041801" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/", "reference_id": "2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4J2N4FNXW6JKJBWUZH6SNI2UHCZXQXCY/", "reference_id": "4J2N4FNXW6JKJBWUZH6SNI2UHCZXQXCY", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4J2N4FNXW6JKJBWUZH6SNI2UHCZXQXCY/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5057", "reference_id": "dsa-5057", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5057" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5058", "reference_id": "dsa-5058", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5058" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPIWQ6DL5IPOT54UBWTISG5T24FQJ7MN/", "reference_id": "KPIWQ6DL5IPOT54UBWTISG5T24FQJ7MN", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPIWQ6DL5IPOT54UBWTISG5T24FQJ7MN/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220121-0007/", "reference_id": "ntap-20220121-0007", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220121-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0304", "reference_id": "RHSA-2022:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0305", "reference_id": "RHSA-2022:0305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0306", "reference_id": "RHSA-2022:0306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0307", "reference_id": "RHSA-2022:0307", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0307" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0312", "reference_id": "RHSA-2022:0312", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0317", "reference_id": "RHSA-2022:0317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0317" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0321", "reference_id": "RHSA-2022:0321", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0321" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0968", "reference_id": "RHSA-2022:0968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0969", "reference_id": "RHSA-2022:0969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0970", "reference_id": "RHSA-2022:0970", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0970" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21248" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xfqx-d3jw-yuhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78476?format=api", "vulnerability_id": "VCID-xk2v-7cgk-13ex", "summary": "OpenJDK: certificate validation issue in TLS session negotiation (8298310)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2175", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21605", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21805", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21556", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21633", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21691", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21702", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21664", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21607", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704", "reference_id": "2187704", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933619?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933618?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933620?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2023-21967" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xk2v-7cgk-13ex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79489?format=api", "vulnerability_id": "VCID-y5qu-j3wt-wuej", "summary": "OpenJDK: URI parsing inconsistencies (JNDI, 8278972)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21496.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21496.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29176", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29303", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29203", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29352", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29164", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29228", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29269", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29275", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29229", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075849", "reference_id": "2075849", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075849" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4959", "reference_id": "RHSA-2022:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5837", "reference_id": "RHSA-2022:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5837" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933612?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933611?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21496" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y5qu-j3wt-wuej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70362?format=api", "vulnerability_id": "VCID-y8bc-k5qu-c7f5", "summary": "openjdk: Improve compiler transformations (Oracle CPU 2025-04)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30691", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58784", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58846", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58833", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58851", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58814", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58805", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58775", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58827", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897", "reference_id": "1103897", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898", "reference_id": "1103898", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899", "reference_id": "1103899", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900", "reference_id": "1103900", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359694", "reference_id": "2359694", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359694" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2025.html", "reference_id": "cpuapr2025.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:24:18Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3844", "reference_id": "RHSA-2025:3844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3845", "reference_id": "RHSA-2025:3845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3846", "reference_id": "RHSA-2025:3846", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3846" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3847", "reference_id": "RHSA-2025:3847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3848", "reference_id": "RHSA-2025:3848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3849", "reference_id": "RHSA-2025:3849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3850", "reference_id": "RHSA-2025:3850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3852", "reference_id": "RHSA-2025:3852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3853", "reference_id": "RHSA-2025:3853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3854", "reference_id": "RHSA-2025:3854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3855", "reference_id": "RHSA-2025:3855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3856", "reference_id": "RHSA-2025:3856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3857", "reference_id": "RHSA-2025:3857", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3857" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7508", "reference_id": "RHSA-2025:7508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7508" }, { "reference_url": "https://usn.ubuntu.com/7480-1/", "reference_id": "USN-7480-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7480-1/" }, { "reference_url": "https://usn.ubuntu.com/7481-1/", "reference_id": "USN-7481-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7481-1/" }, { "reference_url": "https://usn.ubuntu.com/7482-1/", "reference_id": "USN-7482-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7482-1/" }, { "reference_url": "https://usn.ubuntu.com/7483-1/", "reference_id": "USN-7483-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7483-1/" }, { "reference_url": "https://usn.ubuntu.com/7484-1/", "reference_id": "USN-7484-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7484-1/" }, { "reference_url": "https://usn.ubuntu.com/7531-1/", "reference_id": "USN-7531-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7531-1/" }, { "reference_url": "https://usn.ubuntu.com/7533-1/", "reference_id": "USN-7533-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7533-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933641?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933640?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933642?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.15%2B6-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2025-30691" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y8bc-k5qu-c7f5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34347?format=api", "vulnerability_id": "VCID-yxk8-59zb-y7g2", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35578.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35578.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34514", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34648", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34732", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34685", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34758", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34635", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34679", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34707", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34711", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34672", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015653", "reference_id": "2015653", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2015653" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/", "reference_id": "6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/" }, { "reference_url": "https://security.archlinux.org/AVG-2477", "reference_id": "AVG-2477", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2477" }, { "reference_url": "https://security.archlinux.org/AVG-2478", "reference_id": "AVG-2478", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2478" }, { "reference_url": "https://security.archlinux.org/AVG-2479", "reference_id": "AVG-2479", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2479" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5000", "reference_id": "dsa-5000", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5000" }, { "reference_url": "https://www.debian.org/security/2021/dsa-5012", "reference_id": "dsa-5012", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://www.debian.org/security/2021/dsa-5012" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/", "reference_id": "GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/", "reference_id": "GXTUWAWXVU37GRNIG4TPMA47THO6VAE6", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3884", "reference_id": "RHSA-2021:3884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3885", "reference_id": "RHSA-2021:3885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3886", "reference_id": "RHSA-2021:3886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3887", "reference_id": "RHSA-2021:3887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3889", "reference_id": "RHSA-2021:3889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3891", "reference_id": "RHSA-2021:3891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3892", "reference_id": "RHSA-2021:3892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3893", "reference_id": "RHSA-2021:3893", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3893" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3960", "reference_id": "RHSA-2021:3960", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3961", "reference_id": "RHSA-2021:3961", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3967", "reference_id": "RHSA-2021:3967", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3967" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:3968", "reference_id": "RHSA-2021:3968", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:3968" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4135", "reference_id": "RHSA-2021:4135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4531", "reference_id": "RHSA-2021:4531", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4531" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4532", "reference_id": "RHSA-2021:4532", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:5030", "reference_id": "RHSA-2021:5030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:5030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0345", "reference_id": "RHSA-2022:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0345" }, { "reference_url": "https://usn.ubuntu.com/5202-1/", "reference_id": "USN-5202-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5202-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933607?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933608?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2021-35578" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yxk8-59zb-y7g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31979?format=api", "vulnerability_id": "VCID-z356-tw9t-q7bp", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21210", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34685", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34711", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34672", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34648", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34732", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34758", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34636", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34679", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34708", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21210" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318524", "reference_id": "2318524", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318524" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933635?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933636?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933634?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.13%2B11-2~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-2~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21210" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z356-tw9t-q7bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76843?format=api", "vulnerability_id": "VCID-zdra-bzqn-4ug9", "summary": "OpenJDK: integer overflow in C1 compiler address generation (8322122)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21068.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21068.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.6765", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67597", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67575", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67627", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.6764", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67663", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67648", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67616", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67576", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678", "reference_id": "1069678", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275003", "reference_id": "2275003", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275003" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2024.html", "reference_id": "cpuapr2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0004/", "reference_id": "ntap-20240426-0004", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1815", "reference_id": "RHSA-2024:1815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1816", "reference_id": "RHSA-2024:1816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1817", "reference_id": "RHSA-2024:1817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1818", "reference_id": "RHSA-2024:1818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1819", "reference_id": "RHSA-2024:1819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1820", "reference_id": "RHSA-2024:1820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1821", "reference_id": "RHSA-2024:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1822", "reference_id": "RHSA-2024:1822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1823", "reference_id": "RHSA-2024:1823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1824", "reference_id": "RHSA-2024:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1825", "reference_id": "RHSA-2024:1825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1826", "reference_id": "RHSA-2024:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1827", "reference_id": "RHSA-2024:1827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1828", "reference_id": "RHSA-2024:1828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1828" }, { "reference_url": "https://usn.ubuntu.com/6810-1/", "reference_id": "USN-6810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6810-1/" }, { "reference_url": "https://usn.ubuntu.com/6811-1/", "reference_id": "USN-6811-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6811-1/" }, { "reference_url": "https://usn.ubuntu.com/6812-1/", "reference_id": "USN-6812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6812-1/" }, { "reference_url": "https://usn.ubuntu.com/6813-1/", "reference_id": "USN-6813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6813-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933630?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933629?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933631?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.11%2B9-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21068" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zdra-bzqn-4ug9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74707?format=api", "vulnerability_id": "VCID-zgpr-3zft-zqgt", "summary": "OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21140.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21140.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68566", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68525", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68543", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68569", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68556", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68526", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68479", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68498", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68475", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297963", "reference_id": "2297963", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297963" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2024.html", "reference_id": "cpujul2024.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:27:50Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2024.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240719-0008/", "reference_id": "ntap-20240719-0008", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:27:50Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240719-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4560", "reference_id": "RHSA-2024:4560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4561", "reference_id": "RHSA-2024:4561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4562", "reference_id": "RHSA-2024:4562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4563", "reference_id": "RHSA-2024:4563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4564", "reference_id": "RHSA-2024:4564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4565", "reference_id": "RHSA-2024:4565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4566", "reference_id": "RHSA-2024:4566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4567", "reference_id": "RHSA-2024:4567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4568", "reference_id": "RHSA-2024:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4569", "reference_id": "RHSA-2024:4569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4570", "reference_id": "RHSA-2024:4570", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4571", "reference_id": "RHSA-2024:4571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4572", "reference_id": "RHSA-2024:4572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4573", "reference_id": "RHSA-2024:4573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4573" }, { "reference_url": "https://usn.ubuntu.com/6929-1/", "reference_id": "USN-6929-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6929-1/" }, { "reference_url": "https://usn.ubuntu.com/6930-1/", "reference_id": "USN-6930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6930-1/" }, { "reference_url": "https://usn.ubuntu.com/6931-1/", "reference_id": "USN-6931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6931-1/" }, { "reference_url": "https://usn.ubuntu.com/6932-1/", "reference_id": "USN-6932-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6932-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933633?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933632?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2024-21140" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zgpr-3zft-zqgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79487?format=api", "vulnerability_id": "VCID-zh9v-47ue-p7ep", "summary": "OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21434.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21434.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29078", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2911", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29014", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2899", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2904", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29084", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29161", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28972", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29036", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075836", "reference_id": "2075836", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2075836" }, { "reference_url": "https://security.archlinux.org/AVG-2686", "reference_id": "AVG-2686", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2686" }, { "reference_url": "https://security.archlinux.org/AVG-2687", "reference_id": "AVG-2687", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2687" }, { "reference_url": "https://security.archlinux.org/AVG-2688", "reference_id": "AVG-2688", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2688" }, { "reference_url": "https://security.archlinux.org/AVG-2689", "reference_id": "AVG-2689", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2689" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5128", "reference_id": "dsa-5128", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5128" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5131", "reference_id": "dsa-5131", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5131" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220429-0006/", "reference_id": "ntap-20220429-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20220429-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1435", "reference_id": "RHSA-2022:1435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1436", "reference_id": "RHSA-2022:1436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1437", "reference_id": "RHSA-2022:1437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1438", "reference_id": "RHSA-2022:1438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1439", "reference_id": "RHSA-2022:1439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1440", "reference_id": "RHSA-2022:1440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1441", "reference_id": "RHSA-2022:1441", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1441" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1442", "reference_id": "RHSA-2022:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1443", "reference_id": "RHSA-2022:1443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1443" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1444", "reference_id": "RHSA-2022:1444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1445", "reference_id": "RHSA-2022:1445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1487", "reference_id": "RHSA-2022:1487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1487" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1488", "reference_id": "RHSA-2022:1488", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1488" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1489", "reference_id": "RHSA-2022:1489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1490", "reference_id": "RHSA-2022:1490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1491", "reference_id": "RHSA-2022:1491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1492", "reference_id": "RHSA-2022:1492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1728", "reference_id": "RHSA-2022:1728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1729", "reference_id": "RHSA-2022:1729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:2137", "reference_id": "RHSA-2022:2137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:2137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4957", "reference_id": "RHSA-2022:4957", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4957" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:4959", "reference_id": "RHSA-2022:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5837", "reference_id": "RHSA-2022:5837", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5837" }, { "reference_url": "https://usn.ubuntu.com/5388-1/", "reference_id": "USN-5388-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-1/" }, { "reference_url": "https://usn.ubuntu.com/5388-2/", "reference_id": "USN-5388-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5388-2/" }, { "reference_url": "https://usn.ubuntu.com/5546-1/", "reference_id": "USN-5546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-1/" }, { "reference_url": "https://usn.ubuntu.com/5546-2/", "reference_id": "USN-5546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933612?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933611?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21434" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zh9v-47ue-p7ep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34353?format=api", "vulnerability_id": "VCID-ztx2-xh6v-nke1", "summary": "Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21277.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21277.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37445", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.3747", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75412", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.7539", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75378", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.7542", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75338", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75382", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041479", "reference_id": "2041479", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2041479" }, { "reference_url": "https://security.gentoo.org/glsa/202209-05", "reference_id": "GLSA-202209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0161", "reference_id": "RHSA-2022:0161", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0161" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0165", "reference_id": "RHSA-2022:0165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0166", "reference_id": "RHSA-2022:0166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0166" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0185", "reference_id": "RHSA-2022:0185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0204", "reference_id": "RHSA-2022:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0209", "reference_id": "RHSA-2022:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0211", "reference_id": "RHSA-2022:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0228", "reference_id": "RHSA-2022:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0229", "reference_id": "RHSA-2022:0229", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0233", "reference_id": "RHSA-2022:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0233" }, { "reference_url": "https://usn.ubuntu.com/5313-1/", "reference_id": "USN-5313-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5313-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933610?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933609?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933604?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933602?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/933605?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062446?format=api", "purl": "pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid" } ], "aliases": [ "CVE-2022-21277" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztx2-xh6v-nke1" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid" }