Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/933653?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "openjdk-21", "version": "21.0.11~8ea-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "21.0.11~9ea-1", "latest_non_vulnerable_version": "21.0.11~9ea-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70352?format=api", "vulnerability_id": "VCID-11vj-5zz4-6fe7", "summary": "openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30698", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69565", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69621", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69627", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.6965", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69635", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69581", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.6956", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69611", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30698" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897", "reference_id": "1103897", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898", "reference_id": "1103898", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899", "reference_id": "1103899", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900", "reference_id": "1103900", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359693", "reference_id": "2359693", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359693" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2025.html", "reference_id": "cpuapr2025.html", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:13:36Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3844", "reference_id": "RHSA-2025:3844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3845", "reference_id": "RHSA-2025:3845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3846", "reference_id": "RHSA-2025:3846", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3846" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3847", "reference_id": "RHSA-2025:3847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3848", "reference_id": "RHSA-2025:3848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3849", "reference_id": "RHSA-2025:3849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3850", "reference_id": "RHSA-2025:3850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3852", "reference_id": "RHSA-2025:3852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3853", "reference_id": "RHSA-2025:3853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3854", "reference_id": "RHSA-2025:3854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3855", "reference_id": "RHSA-2025:3855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3856", "reference_id": "RHSA-2025:3856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3857", "reference_id": "RHSA-2025:3857", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3857" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7508", "reference_id": "RHSA-2025:7508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8063", "reference_id": "RHSA-2025:8063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8431", "reference_id": "RHSA-2025:8431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8431" }, { "reference_url": "https://usn.ubuntu.com/7480-1/", "reference_id": "USN-7480-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7480-1/" }, { "reference_url": "https://usn.ubuntu.com/7481-1/", "reference_id": "USN-7481-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7481-1/" }, { "reference_url": "https://usn.ubuntu.com/7482-1/", "reference_id": "USN-7482-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7482-1/" }, { "reference_url": "https://usn.ubuntu.com/7483-1/", "reference_id": "USN-7483-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7483-1/" }, { "reference_url": "https://usn.ubuntu.com/7484-1/", "reference_id": "USN-7484-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7484-1/" }, { "reference_url": "https://usn.ubuntu.com/7531-1/", "reference_id": "USN-7531-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7531-1/" }, { "reference_url": "https://usn.ubuntu.com/7533-1/", "reference_id": "USN-7533-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7533-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933660?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.7%2B6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.7%252B6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-30698" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-11vj-5zz4-6fe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66833?format=api", "vulnerability_id": "VCID-13t7-vubq-8kae", "summary": "openjdk: Enhance certificate handling (Oracle CPU 2025-10)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53057", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22702", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22587", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22666", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22683", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22642", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22747", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22535", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22612", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53057" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944", "reference_id": "1118944", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403082", "reference_id": "2403082", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403082" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2025.html", "reference_id": "cpuoct2025.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T14:46:38Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18814", "reference_id": "RHSA-2025:18814", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18814" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18815", "reference_id": "RHSA-2025:18815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18816", "reference_id": "RHSA-2025:18816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18817", "reference_id": "RHSA-2025:18817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18818", "reference_id": "RHSA-2025:18818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18819", "reference_id": "RHSA-2025:18819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18820", "reference_id": "RHSA-2025:18820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18821", "reference_id": "RHSA-2025:18821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18822", "reference_id": "RHSA-2025:18822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18823", "reference_id": "RHSA-2025:18823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18824", "reference_id": "RHSA-2025:18824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18825", "reference_id": "RHSA-2025:18825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18826", "reference_id": "RHSA-2025:18826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21485", "reference_id": "RHSA-2025:21485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22370", "reference_id": "RHSA-2025:22370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22672", "reference_id": "RHSA-2025:22672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22672" }, { "reference_url": "https://usn.ubuntu.com/7881-1/", "reference_id": "USN-7881-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7881-1/" }, { "reference_url": "https://usn.ubuntu.com/7882-1/", "reference_id": "USN-7882-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7882-1/" }, { "reference_url": "https://usn.ubuntu.com/7883-1/", "reference_id": "USN-7883-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7883-1/" }, { "reference_url": "https://usn.ubuntu.com/7884-1/", "reference_id": "USN-7884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7884-1/" }, { "reference_url": "https://usn.ubuntu.com/7885-1/", "reference_id": "USN-7885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7885-1/" }, { "reference_url": "https://usn.ubuntu.com/7900-1/", "reference_id": "USN-7900-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7900-1/" }, { "reference_url": "https://usn.ubuntu.com/7901-1/", "reference_id": "USN-7901-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7901-1/" }, { "reference_url": "https://usn.ubuntu.com/7902-1/", "reference_id": "USN-7902-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7902-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933663?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.9%2B10-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.9%252B10-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933662?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.9%2B10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.9%252B10-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-53057" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-13t7-vubq-8kae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76844?format=api", "vulnerability_id": "VCID-2tju-1r8k-sbf9", "summary": "OpenJDK: C2 compilation fails with \"Exceeded _node_regs array\" (8317507)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21094.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21094.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21094", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61756", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.617", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.6173", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61701", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.6175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61766", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61787", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61775", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678", "reference_id": "1069678", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275005", "reference_id": "2275005", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275005" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2024.html", "reference_id": "cpuapr2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0004/", "reference_id": "ntap-20240426-0004", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1815", "reference_id": "RHSA-2024:1815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1816", "reference_id": "RHSA-2024:1816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1817", "reference_id": "RHSA-2024:1817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1818", "reference_id": "RHSA-2024:1818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1819", "reference_id": "RHSA-2024:1819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1820", "reference_id": "RHSA-2024:1820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1821", "reference_id": "RHSA-2024:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1822", "reference_id": "RHSA-2024:1822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1823", "reference_id": "RHSA-2024:1823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1824", "reference_id": "RHSA-2024:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1825", "reference_id": "RHSA-2024:1825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1826", "reference_id": "RHSA-2024:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1828", "reference_id": "RHSA-2024:1828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1828" }, { "reference_url": "https://usn.ubuntu.com/6810-1/", "reference_id": "USN-6810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6810-1/" }, { "reference_url": "https://usn.ubuntu.com/6811-1/", "reference_id": "USN-6811-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6811-1/" }, { "reference_url": "https://usn.ubuntu.com/6812-1/", "reference_id": "USN-6812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6812-1/" }, { "reference_url": "https://usn.ubuntu.com/6813-1/", "reference_id": "USN-6813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6813-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933657?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.3%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.3%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21094" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2tju-1r8k-sbf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34432?format=api", "vulnerability_id": "VCID-3tav-ffar-hfhb", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30703", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30566", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30561", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30653", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30658", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30613", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.3075", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160475", "reference_id": "2160475", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160475" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0190", "reference_id": "RHSA-2023:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0191", "reference_id": "RHSA-2023:0191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0191" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0192", "reference_id": "RHSA-2023:0192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0193", "reference_id": "RHSA-2023:0193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0194", "reference_id": "RHSA-2023:0194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0195", "reference_id": "RHSA-2023:0195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0196", "reference_id": "RHSA-2023:0196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0197", "reference_id": "RHSA-2023:0197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0198", "reference_id": "RHSA-2023:0198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0199", "reference_id": "RHSA-2023:0199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0200", "reference_id": "RHSA-2023:0200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0201", "reference_id": "RHSA-2023:0201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0202", "reference_id": "RHSA-2023:0202", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0203", "reference_id": "RHSA-2023:0203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0204", "reference_id": "RHSA-2023:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0205", "reference_id": "RHSA-2023:0205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0206", "reference_id": "RHSA-2023:0206", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0207", "reference_id": "RHSA-2023:0207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0208", "reference_id": "RHSA-2023:0208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0209", "reference_id": "RHSA-2023:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0210", "reference_id": "RHSA-2023:0210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0352", "reference_id": "RHSA-2023:0352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0353", "reference_id": "RHSA-2023:0353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0354", "reference_id": "RHSA-2023:0354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0387", "reference_id": "RHSA-2023:0387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0387" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0388", "reference_id": "RHSA-2023:0388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0389", "reference_id": "RHSA-2023:0389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3136", "reference_id": "RHSA-2023:3136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3136" }, { "reference_url": "https://usn.ubuntu.com/5897-1/", "reference_id": "USN-5897-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5897-1/" }, { "reference_url": "https://usn.ubuntu.com/5898-1/", "reference_id": "USN-5898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5898-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933652?format=api", "purl": "pkg:deb/debian/openjdk-21@21~7ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21~7ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-21843" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3tav-ffar-hfhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64943?format=api", "vulnerability_id": "VCID-4snj-etwf-eqe8", "summary": "openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21933", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09035", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09077", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09121", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09122", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09091", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09086", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0901", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0909", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119", "reference_id": "1126119", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429926", "reference_id": "2429926", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429926" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2026.html", "reference_id": "cpujan2026.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:56:13Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2026.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0847", "reference_id": "RHSA-2026:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0848", "reference_id": "RHSA-2026:0848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0849", "reference_id": "RHSA-2026:0849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0895", "reference_id": "RHSA-2026:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0896", "reference_id": "RHSA-2026:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0897", "reference_id": "RHSA-2026:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0898", "reference_id": "RHSA-2026:0898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0899", "reference_id": "RHSA-2026:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0900", "reference_id": "RHSA-2026:0900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0901", "reference_id": "RHSA-2026:0901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0927", "reference_id": "RHSA-2026:0927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0928", "reference_id": "RHSA-2026:0928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0931", "reference_id": "RHSA-2026:0931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0932", "reference_id": "RHSA-2026:0932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0933", "reference_id": "RHSA-2026:0933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1606", "reference_id": "RHSA-2026:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4832", "reference_id": "RHSA-2026:4832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4832" }, { "reference_url": "https://usn.ubuntu.com/7995-1/", "reference_id": "USN-7995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7995-1/" }, { "reference_url": "https://usn.ubuntu.com/7996-1/", "reference_id": "USN-7996-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7996-1/" }, { "reference_url": "https://usn.ubuntu.com/7997-1/", "reference_id": "USN-7997-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7997-1/" }, { "reference_url": "https://usn.ubuntu.com/7998-1/", "reference_id": "USN-7998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7998-1/" }, { "reference_url": "https://usn.ubuntu.com/8000-1/", "reference_id": "USN-8000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8000-1/" }, { "reference_url": "https://usn.ubuntu.com/8001-1/", "reference_id": "USN-8001-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8001-1/" }, { "reference_url": "https://usn.ubuntu.com/8002-1/", "reference_id": "USN-8002-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8002-1/" }, { "reference_url": "https://usn.ubuntu.com/8003-1/", "reference_id": "USN-8003-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8003-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933664?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-21933" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4snj-etwf-eqe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74702?format=api", "vulnerability_id": "VCID-5et1-ytak-xqh7", "summary": "OpenJDK: Excessive symbol length can lead to infinite loop (8319859)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.5617", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56165", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56195", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56201", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.5621", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56186", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56144", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297962", "reference_id": "2297962", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297962" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2024.html", "reference_id": "cpujul2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:32:40Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2024.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240719-0008/", "reference_id": "ntap-20240719-0008", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:32:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240719-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4560", "reference_id": "RHSA-2024:4560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4561", "reference_id": "RHSA-2024:4561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4562", "reference_id": "RHSA-2024:4562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4563", "reference_id": "RHSA-2024:4563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4564", "reference_id": "RHSA-2024:4564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4565", "reference_id": "RHSA-2024:4565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4566", "reference_id": "RHSA-2024:4566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4567", "reference_id": "RHSA-2024:4567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4568", "reference_id": "RHSA-2024:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4569", "reference_id": "RHSA-2024:4569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4570", "reference_id": "RHSA-2024:4570", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4571", "reference_id": "RHSA-2024:4571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4572", "reference_id": "RHSA-2024:4572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4573", "reference_id": "RHSA-2024:4573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4573" }, { "reference_url": "https://usn.ubuntu.com/6929-1/", "reference_id": "USN-6929-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6929-1/" }, { "reference_url": "https://usn.ubuntu.com/6930-1/", "reference_id": "USN-6930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6930-1/" }, { "reference_url": "https://usn.ubuntu.com/6931-1/", "reference_id": "USN-6931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6931-1/" }, { "reference_url": "https://usn.ubuntu.com/6932-1/", "reference_id": "USN-6932-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6932-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933657?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.3%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.3%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21138" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5et1-ytak-xqh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31982?format=api", "vulnerability_id": "VCID-6196-gvhx-ruh8", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21235", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38305", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38417", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38441", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38355", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38363", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.3838", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44159", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44158", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21235" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318534", "reference_id": "2318534", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318534" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933658?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.5%2B11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.5%252B11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21235" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6196-gvhx-ruh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74699?format=api", "vulnerability_id": "VCID-76rb-sg3r-bqce", "summary": "OpenJDK: potential UTF8 size overflow (8314794)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63286", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63252", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63303", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63321", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63338", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63322", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63258", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63287", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297961", "reference_id": "2297961", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297961" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2024.html", "reference_id": "cpujul2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:16Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2024.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240719-0008/", "reference_id": "ntap-20240719-0008", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:16Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240719-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4560", "reference_id": "RHSA-2024:4560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4561", "reference_id": "RHSA-2024:4561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4562", "reference_id": "RHSA-2024:4562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4563", "reference_id": "RHSA-2024:4563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4564", "reference_id": "RHSA-2024:4564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4565", "reference_id": "RHSA-2024:4565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4566", "reference_id": "RHSA-2024:4566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4567", "reference_id": "RHSA-2024:4567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4568", "reference_id": "RHSA-2024:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4569", "reference_id": "RHSA-2024:4569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4570", "reference_id": "RHSA-2024:4570", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4571", "reference_id": "RHSA-2024:4571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4572", "reference_id": "RHSA-2024:4572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4573", "reference_id": "RHSA-2024:4573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4573" }, { "reference_url": "https://usn.ubuntu.com/6929-1/", "reference_id": "USN-6929-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6929-1/" }, { "reference_url": "https://usn.ubuntu.com/6930-1/", "reference_id": "USN-6930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6930-1/" }, { "reference_url": "https://usn.ubuntu.com/6931-1/", "reference_id": "USN-6931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6931-1/" }, { "reference_url": "https://usn.ubuntu.com/6932-1/", "reference_id": "USN-6932-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6932-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933657?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.3%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.3%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21131" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-76rb-sg3r-bqce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31977?format=api", "vulnerability_id": "VCID-8cup-qnc8-wudx", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55466", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55441", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55465", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55444", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55495", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55505", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00324", "scoring_system": "epss", "scoring_elements": "0.55483", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257837", "reference_id": "2257837", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257837" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0002/", "reference_id": "ntap-20240201-0002", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933656?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.2%2B13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.2%252B13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-20952" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8cup-qnc8-wudx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31980?format=api", "vulnerability_id": "VCID-9n5v-4daz-eyc2", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21217", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26611", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26713", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26668", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26767", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26807", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26591", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26658", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21217" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318530", "reference_id": "2318530", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318530" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933658?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.5%2B11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.5%252B11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21217" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9n5v-4daz-eyc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76841?format=api", "vulnerability_id": "VCID-9urr-3gt2-mfhe", "summary": "OpenJDK: long Exception message leading to crash (8319851)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21011.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21011.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21011", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.567", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.5668", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56701", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56732", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56736", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56745", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00339", "scoring_system": "epss", "scoring_elements": "0.56721", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678", "reference_id": "1069678", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274977", "reference_id": "2274977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274977" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2024.html", "reference_id": "cpuapr2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0004/", "reference_id": "ntap-20240426-0004", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1815", "reference_id": "RHSA-2024:1815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1816", "reference_id": "RHSA-2024:1816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1817", "reference_id": "RHSA-2024:1817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1818", "reference_id": "RHSA-2024:1818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1819", "reference_id": "RHSA-2024:1819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1820", "reference_id": "RHSA-2024:1820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1821", "reference_id": "RHSA-2024:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1822", "reference_id": "RHSA-2024:1822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1823", "reference_id": "RHSA-2024:1823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1824", "reference_id": "RHSA-2024:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1825", "reference_id": "RHSA-2024:1825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1826", "reference_id": "RHSA-2024:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1827", "reference_id": "RHSA-2024:1827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1828", "reference_id": "RHSA-2024:1828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1828" }, { "reference_url": "https://usn.ubuntu.com/6810-1/", "reference_id": "USN-6810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6810-1/" }, { "reference_url": "https://usn.ubuntu.com/6811-1/", "reference_id": "USN-6811-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6811-1/" }, { "reference_url": "https://usn.ubuntu.com/6812-1/", "reference_id": "USN-6812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6812-1/" }, { "reference_url": "https://usn.ubuntu.com/6813-1/", "reference_id": "USN-6813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6813-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933657?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.3%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.3%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21011" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9urr-3gt2-mfhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31968?format=api", "vulnerability_id": "VCID-a282-ksr4-j3cu", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22081", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26849", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26634", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26702", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26753", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26756", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26655", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627", "reference_id": "2243627", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5725", "reference_id": "RHSA-2023:5725", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5725" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5726", "reference_id": "RHSA-2023:5726", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5726" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5727", "reference_id": "RHSA-2023:5727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5728", "reference_id": "RHSA-2023:5728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5729", "reference_id": "RHSA-2023:5729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5730", "reference_id": "RHSA-2023:5730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5731", "reference_id": "RHSA-2023:5731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5732", "reference_id": "RHSA-2023:5732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5733", "reference_id": "RHSA-2023:5733", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5733" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5734", "reference_id": "RHSA-2023:5734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5735", "reference_id": "RHSA-2023:5735", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5735" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5736", "reference_id": "RHSA-2023:5736", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5736" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5737", "reference_id": "RHSA-2023:5737", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5737" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5739", "reference_id": "RHSA-2023:5739", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5740", "reference_id": "RHSA-2023:5740", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5741", "reference_id": "RHSA-2023:5741", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5741" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5742", "reference_id": "RHSA-2023:5742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5743", "reference_id": "RHSA-2023:5743", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5743" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5744", "reference_id": "RHSA-2023:5744", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5744" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5745", "reference_id": "RHSA-2023:5745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5746", "reference_id": "RHSA-2023:5746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5747", "reference_id": "RHSA-2023:5747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5750", "reference_id": "RHSA-2023:5750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5751", "reference_id": "RHSA-2023:5751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5752", "reference_id": "RHSA-2023:5752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5753", "reference_id": "RHSA-2023:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5761", "reference_id": "RHSA-2023:5761", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5761" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6738", "reference_id": "RHSA-2023:6738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6887", "reference_id": "RHSA-2023:6887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6887" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0866", "reference_id": "RHSA-2024:0866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0879", "reference_id": "RHSA-2024:0879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0879" }, { "reference_url": "https://usn.ubuntu.com/6527-1/", "reference_id": "USN-6527-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6527-1/" }, { "reference_url": "https://usn.ubuntu.com/6528-1/", "reference_id": "USN-6528-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6528-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933655?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.1%2B12-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.1%252B12-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-22081" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a282-ksr4-j3cu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34431?format=api", "vulnerability_id": "VCID-a3xk-3wya-s3gm", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23206", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.2325", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23039", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23112", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23165", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23185", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23147", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23089", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160421", "reference_id": "2160421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160421" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0190", "reference_id": "RHSA-2023:0190", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0191", "reference_id": "RHSA-2023:0191", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0191" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0192", "reference_id": "RHSA-2023:0192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0193", "reference_id": "RHSA-2023:0193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0194", "reference_id": "RHSA-2023:0194", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0194" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0195", "reference_id": "RHSA-2023:0195", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0195" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0196", "reference_id": "RHSA-2023:0196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0197", "reference_id": "RHSA-2023:0197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0198", "reference_id": "RHSA-2023:0198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0199", "reference_id": "RHSA-2023:0199", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0199" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0200", "reference_id": "RHSA-2023:0200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0201", "reference_id": "RHSA-2023:0201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0202", "reference_id": "RHSA-2023:0202", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0352", "reference_id": "RHSA-2023:0352", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0353", "reference_id": "RHSA-2023:0353", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0353" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0388", "reference_id": "RHSA-2023:0388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0389", "reference_id": "RHSA-2023:0389", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0389" }, { "reference_url": "https://usn.ubuntu.com/5897-1/", "reference_id": "USN-5897-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5897-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933652?format=api", "purl": "pkg:deb/debian/openjdk-21@21~7ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21~7ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-21835" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a3xk-3wya-s3gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64944?format=api", "vulnerability_id": "VCID-apsn-z1br-3bdy", "summary": "openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16874", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16728", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16854", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16832", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16786", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1693", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16714", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16799", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119", "reference_id": "1126119", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429927", "reference_id": "2429927", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429927" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2026.html", "reference_id": "cpujan2026.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:04:39Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2026.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0847", "reference_id": "RHSA-2026:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0848", "reference_id": "RHSA-2026:0848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0849", "reference_id": "RHSA-2026:0849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0895", "reference_id": "RHSA-2026:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0896", "reference_id": "RHSA-2026:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0897", "reference_id": "RHSA-2026:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0898", "reference_id": "RHSA-2026:0898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0899", "reference_id": "RHSA-2026:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0900", "reference_id": "RHSA-2026:0900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0901", "reference_id": "RHSA-2026:0901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0927", "reference_id": "RHSA-2026:0927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0928", "reference_id": "RHSA-2026:0928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0931", "reference_id": "RHSA-2026:0931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0932", "reference_id": "RHSA-2026:0932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0933", "reference_id": "RHSA-2026:0933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1606", "reference_id": "RHSA-2026:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4832", "reference_id": "RHSA-2026:4832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4832" }, { "reference_url": "https://usn.ubuntu.com/7995-1/", "reference_id": "USN-7995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7995-1/" }, { "reference_url": "https://usn.ubuntu.com/7996-1/", "reference_id": "USN-7996-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7996-1/" }, { "reference_url": "https://usn.ubuntu.com/7997-1/", "reference_id": "USN-7997-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7997-1/" }, { "reference_url": "https://usn.ubuntu.com/7998-1/", "reference_id": "USN-7998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7998-1/" }, { "reference_url": "https://usn.ubuntu.com/8000-1/", "reference_id": "USN-8000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8000-1/" }, { "reference_url": "https://usn.ubuntu.com/8001-1/", "reference_id": "USN-8001-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8001-1/" }, { "reference_url": "https://usn.ubuntu.com/8002-1/", "reference_id": "USN-8002-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8002-1/" }, { "reference_url": "https://usn.ubuntu.com/8003-1/", "reference_id": "USN-8003-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8003-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933664?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-21945" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-apsn-z1br-3bdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68623?format=api", "vulnerability_id": "VCID-b32x-4pu4-jkh4", "summary": "openjdk: Better Glyph drawing (Oracle CPU 2025-07)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30749", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.6625", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66247", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66277", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66294", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66307", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71372", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71355", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00672", "scoring_system": "epss", "scoring_elements": "0.71388", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30749" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376783", "reference_id": "2376783", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376783" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2025.html", "reference_id": "cpujul2025.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:23:21Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10861", "reference_id": "RHSA-2025:10861", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10862", "reference_id": "RHSA-2025:10862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10863", "reference_id": "RHSA-2025:10863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10864", "reference_id": "RHSA-2025:10864", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10864" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10865", "reference_id": "RHSA-2025:10865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10866", "reference_id": "RHSA-2025:10866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10867", "reference_id": "RHSA-2025:10867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10868", "reference_id": "RHSA-2025:10868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10869", "reference_id": "RHSA-2025:10869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10870", "reference_id": "RHSA-2025:10870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10873", "reference_id": "RHSA-2025:10873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10874", "reference_id": "RHSA-2025:10874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10875", "reference_id": "RHSA-2025:10875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13656", "reference_id": "RHSA-2025:13656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13675", "reference_id": "RHSA-2025:13675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13675" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7667-1/", "reference_id": "USN-7667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7667-1/" }, { "reference_url": "https://usn.ubuntu.com/7668-1/", "reference_id": "USN-7668-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7668-1/" }, { "reference_url": "https://usn.ubuntu.com/7669-1/", "reference_id": "USN-7669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7669-1/" }, { "reference_url": "https://usn.ubuntu.com/7672-1/", "reference_id": "USN-7672-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7672-1/" }, { "reference_url": "https://usn.ubuntu.com/7673-1/", "reference_id": "USN-7673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7673-1/" }, { "reference_url": "https://usn.ubuntu.com/7674-1/", "reference_id": "USN-7674-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7674-1/" }, { "reference_url": "https://usn.ubuntu.com/7690-1/", "reference_id": "USN-7690-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7690-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933661?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.8%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.8%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-30749" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b32x-4pu4-jkh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64942?format=api", "vulnerability_id": "VCID-duy9-6f1p-vqah", "summary": "openjdk: Enhance Handling of URIs (Oracle CPU 2026-01)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09259", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09314", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09346", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09356", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09328", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.0931", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09227", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09302", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119", "reference_id": "1126119", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429925", "reference_id": "2429925", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429925" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2026.html", "reference_id": "cpujan2026.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:55:36Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2026.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0849", "reference_id": "RHSA-2026:0849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0896", "reference_id": "RHSA-2026:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0898", "reference_id": "RHSA-2026:0898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0900", "reference_id": "RHSA-2026:0900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1606", "reference_id": "RHSA-2026:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1606" }, { "reference_url": "https://usn.ubuntu.com/7995-1/", "reference_id": "USN-7995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7995-1/" }, { "reference_url": "https://usn.ubuntu.com/7996-1/", "reference_id": "USN-7996-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7996-1/" }, { "reference_url": "https://usn.ubuntu.com/7997-1/", "reference_id": "USN-7997-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7997-1/" }, { "reference_url": "https://usn.ubuntu.com/7998-1/", "reference_id": "USN-7998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7998-1/" }, { "reference_url": "https://usn.ubuntu.com/8000-1/", "reference_id": "USN-8000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8000-1/" }, { "reference_url": "https://usn.ubuntu.com/8001-1/", "reference_id": "USN-8001-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8001-1/" }, { "reference_url": "https://usn.ubuntu.com/8002-1/", "reference_id": "USN-8002-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8002-1/" }, { "reference_url": "https://usn.ubuntu.com/8003-1/", "reference_id": "USN-8003-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8003-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933664?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-21932" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-duy9-6f1p-vqah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68625?format=api", "vulnerability_id": "VCID-e6dm-6767-9kdk", "summary": "openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50059", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32274", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32136", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32311", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32212", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32631", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32603", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32669", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50059" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376785", "reference_id": "2376785", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376785" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2025.html", "reference_id": "cpujul2025.html", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-16T14:42:42Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10865", "reference_id": "RHSA-2025:10865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10866", "reference_id": "RHSA-2025:10866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10867", "reference_id": "RHSA-2025:10867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10868", "reference_id": "RHSA-2025:10868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10869", "reference_id": "RHSA-2025:10869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10870", "reference_id": "RHSA-2025:10870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10873", "reference_id": "RHSA-2025:10873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10874", "reference_id": "RHSA-2025:10874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10875", "reference_id": "RHSA-2025:10875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13656", "reference_id": "RHSA-2025:13656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7668-1/", "reference_id": "USN-7668-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7668-1/" }, { "reference_url": "https://usn.ubuntu.com/7669-1/", "reference_id": "USN-7669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7669-1/" }, { "reference_url": "https://usn.ubuntu.com/7672-1/", "reference_id": "USN-7672-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7672-1/" }, { "reference_url": "https://usn.ubuntu.com/7673-1/", "reference_id": "USN-7673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7673-1/" }, { "reference_url": "https://usn.ubuntu.com/7674-1/", "reference_id": "USN-7674-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7674-1/" }, { "reference_url": "https://usn.ubuntu.com/7690-1/", "reference_id": "USN-7690-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7690-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933661?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.8%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.8%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-50059" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6dm-6767-9kdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34430?format=api", "vulnerability_id": "VCID-ecr4-rqud-gyhf", "summary": "Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21830.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21830.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21830", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3205", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3209", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31913", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31964", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31993", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31997", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31957", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31923", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21830" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160490", "reference_id": "2160490", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160490" }, { "reference_url": "https://security.gentoo.org/glsa/202409-26", "reference_id": "GLSA-202409-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0203", "reference_id": "RHSA-2023:0203", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0204", "reference_id": "RHSA-2023:0204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0205", "reference_id": "RHSA-2023:0205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0206", "reference_id": "RHSA-2023:0206", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0207", "reference_id": "RHSA-2023:0207", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0208", "reference_id": "RHSA-2023:0208", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0208" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0209", "reference_id": "RHSA-2023:0209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0210", "reference_id": "RHSA-2023:0210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0354", "reference_id": "RHSA-2023:0354", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0354" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0387", "reference_id": "RHSA-2023:0387", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0387" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3136", "reference_id": "RHSA-2023:3136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3136" }, { "reference_url": "https://usn.ubuntu.com/5898-1/", "reference_id": "USN-5898-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5898-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933652?format=api", "purl": "pkg:deb/debian/openjdk-21@21~7ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21~7ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-21830" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecr4-rqud-gyhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31971?format=api", "vulnerability_id": "VCID-fau4-ajny-nfbd", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40536", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40563", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40574", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40556", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40564", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40592", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40513", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257859", "reference_id": "2257859", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257859" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933656?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.2%2B13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.2%252B13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-20921" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fau4-ajny-nfbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31974?format=api", "vulnerability_id": "VCID-fwk5-wqvn-4qaz", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43651", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43665", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.4369", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43625", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43676", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.4368", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.437", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43668", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257850", "reference_id": "2257850", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257850" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0002/", "reference_id": "ntap-20240201-0002", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933656?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.2%2B13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.2%252B13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-20926" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fwk5-wqvn-4qaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66832?format=api", "vulnerability_id": "VCID-gwnq-we51-3bey", "summary": "openjdk: Enhance String handling (Oracle CPU 2025-10)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61748.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61748.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61748", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0979", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09821", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09865", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09872", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09837", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0984", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09812", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-61748" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403064", "reference_id": "2403064", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403064" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2025.html", "reference_id": "cpuoct2025.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T16:58:40Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18824", "reference_id": "RHSA-2025:18824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18825", "reference_id": "RHSA-2025:18825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18826", "reference_id": "RHSA-2025:18826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21485", "reference_id": "RHSA-2025:21485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21485" }, { "reference_url": "https://usn.ubuntu.com/7884-1/", "reference_id": "USN-7884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7884-1/" }, { "reference_url": "https://usn.ubuntu.com/7885-1/", "reference_id": "USN-7885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7885-1/" }, { "reference_url": "https://usn.ubuntu.com/7901-1/", "reference_id": "USN-7901-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7901-1/" }, { "reference_url": "https://usn.ubuntu.com/7902-1/", "reference_id": "USN-7902-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7902-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933663?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.9%2B10-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.9%252B10-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933662?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.9%2B10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.9%252B10-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-61748" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gwnq-we51-3bey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76840?format=api", "vulnerability_id": "VCID-h7n1-qfs3-v3fw", "summary": "OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21012.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21012.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.3498", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35055", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35082", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34962", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35007", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35036", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.3504", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35004", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274975", "reference_id": "2274975", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274975" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2024.html", "reference_id": "cpuapr2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0004/", "reference_id": "ntap-20240426-0004", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1819", "reference_id": "RHSA-2024:1819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1820", "reference_id": "RHSA-2024:1820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1821", "reference_id": "RHSA-2024:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1822", "reference_id": "RHSA-2024:1822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1823", "reference_id": "RHSA-2024:1823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1824", "reference_id": "RHSA-2024:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1825", "reference_id": "RHSA-2024:1825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1826", "reference_id": "RHSA-2024:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1827", "reference_id": "RHSA-2024:1827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1828", "reference_id": "RHSA-2024:1828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1828" }, { "reference_url": "https://usn.ubuntu.com/6811-1/", "reference_id": "USN-6811-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6811-1/" }, { "reference_url": "https://usn.ubuntu.com/6812-1/", "reference_id": "USN-6812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6812-1/" }, { "reference_url": "https://usn.ubuntu.com/6813-1/", "reference_id": "USN-6813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6813-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933657?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.3%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.3%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21012" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h7n1-qfs3-v3fw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31976?format=api", "vulnerability_id": "VCID-jztz-7cuw-t7ep", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12193", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1226", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12267", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12229", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12285", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12331", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1213", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12211", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257874", "reference_id": "2257874", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257874" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933656?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.2%2B13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.2%252B13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-20945" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jztz-7cuw-t7ep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64941?format=api", "vulnerability_id": "VCID-mt9c-tby1-wqe9", "summary": "openjdk: Improve JMX connections (Oracle CPU 2026-01)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21925", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10163", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10232", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1026", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10292", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10229", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10125", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.102", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-21925" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119", "reference_id": "1126119", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429924", "reference_id": "2429924", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429924" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2026.html", "reference_id": "cpujan2026.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:50:27Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2026.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0847", "reference_id": "RHSA-2026:0847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0848", "reference_id": "RHSA-2026:0848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0849", "reference_id": "RHSA-2026:0849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0895", "reference_id": "RHSA-2026:0895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0896", "reference_id": "RHSA-2026:0896", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0896" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0897", "reference_id": "RHSA-2026:0897", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0897" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0898", "reference_id": "RHSA-2026:0898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0899", "reference_id": "RHSA-2026:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0900", "reference_id": "RHSA-2026:0900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0901", "reference_id": "RHSA-2026:0901", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0927", "reference_id": "RHSA-2026:0927", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0927" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0928", "reference_id": "RHSA-2026:0928", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0928" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0931", "reference_id": "RHSA-2026:0931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0932", "reference_id": "RHSA-2026:0932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0933", "reference_id": "RHSA-2026:0933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1606", "reference_id": "RHSA-2026:1606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4832", "reference_id": "RHSA-2026:4832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4832" }, { "reference_url": "https://usn.ubuntu.com/7995-1/", "reference_id": "USN-7995-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7995-1/" }, { "reference_url": "https://usn.ubuntu.com/7996-1/", "reference_id": "USN-7996-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7996-1/" }, { "reference_url": "https://usn.ubuntu.com/7997-1/", "reference_id": "USN-7997-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7997-1/" }, { "reference_url": "https://usn.ubuntu.com/7998-1/", "reference_id": "USN-7998-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7998-1/" }, { "reference_url": "https://usn.ubuntu.com/8000-1/", "reference_id": "USN-8000-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8000-1/" }, { "reference_url": "https://usn.ubuntu.com/8001-1/", "reference_id": "USN-8001-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8001-1/" }, { "reference_url": "https://usn.ubuntu.com/8002-1/", "reference_id": "USN-8002-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8002-1/" }, { "reference_url": "https://usn.ubuntu.com/8003-1/", "reference_id": "USN-8003-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8003-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933664?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-21925" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mt9c-tby1-wqe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74710?format=api", "vulnerability_id": "VCID-n71d-tx76-vbbd", "summary": "OpenJDK: Out-of-bounds access in 2D image handling (8324559)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21145.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21145.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.6363", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63636", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63595", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63647", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63663", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63678", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63609", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297976", "reference_id": "2297976", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297976" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2024.html", "reference_id": "cpujul2024.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:58:12Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2024.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240719-0008/", "reference_id": "ntap-20240719-0008", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:58:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240719-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4560", "reference_id": "RHSA-2024:4560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4561", "reference_id": "RHSA-2024:4561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4562", "reference_id": "RHSA-2024:4562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4563", "reference_id": "RHSA-2024:4563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4564", "reference_id": "RHSA-2024:4564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4565", "reference_id": "RHSA-2024:4565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4566", "reference_id": "RHSA-2024:4566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4567", "reference_id": "RHSA-2024:4567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4568", "reference_id": "RHSA-2024:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4569", "reference_id": "RHSA-2024:4569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4570", "reference_id": "RHSA-2024:4570", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4571", "reference_id": "RHSA-2024:4571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4572", "reference_id": "RHSA-2024:4572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4573", "reference_id": "RHSA-2024:4573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4573" }, { "reference_url": "https://usn.ubuntu.com/6929-1/", "reference_id": "USN-6929-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6929-1/" }, { "reference_url": "https://usn.ubuntu.com/6930-1/", "reference_id": "USN-6930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6930-1/" }, { "reference_url": "https://usn.ubuntu.com/6931-1/", "reference_id": "USN-6931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6931-1/" }, { "reference_url": "https://usn.ubuntu.com/6932-1/", "reference_id": "USN-6932-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6932-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933657?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.3%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.3%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21145" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n71d-tx76-vbbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31970?format=api", "vulnerability_id": "VCID-nr6u-aysf-7kgk", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38196", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38237", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38255", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.3822", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38309", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38178", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38228", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257853", "reference_id": "2257853", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257853" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933656?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.2%2B13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.2%252B13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-20919" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nr6u-aysf-7kgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71990?format=api", "vulnerability_id": "VCID-ntga-y6cv-a3df", "summary": "openjdk: Enhance array handling (Oracle CPU 2025-01)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-21502", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42064", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42054", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42094", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42116", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42079", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42092", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42029", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.002", "scoring_system": "epss", "scoring_elements": "0.42081", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-21502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2338992", "reference_id": "2338992", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2338992" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujan2025.html", "reference_id": "cpujan2025.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T16:29:12Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujan2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0421", "reference_id": "RHSA-2025:0421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0422", "reference_id": "RHSA-2025:0422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0423", "reference_id": "RHSA-2025:0423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0424", "reference_id": "RHSA-2025:0424", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0425", "reference_id": "RHSA-2025:0425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0426", "reference_id": "RHSA-2025:0426", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0426" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0427", "reference_id": "RHSA-2025:0427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0428", "reference_id": "RHSA-2025:0428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0429", "reference_id": "RHSA-2025:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1154", "reference_id": "RHSA-2025:1154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2615", "reference_id": "RHSA-2025:2615", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2615" }, { "reference_url": "https://usn.ubuntu.com/7252-1/", "reference_id": "USN-7252-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7252-1/" }, { "reference_url": "https://usn.ubuntu.com/7253-1/", "reference_id": "USN-7253-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7253-1/" }, { "reference_url": "https://usn.ubuntu.com/7254-1/", "reference_id": "USN-7254-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7254-1/" }, { "reference_url": "https://usn.ubuntu.com/7255-1/", "reference_id": "USN-7255-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7255-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933659?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.6%2B7-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.6%252B7-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-21502" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntga-y6cv-a3df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66831?format=api", "vulnerability_id": "VCID-nxx8-nehy-qyhg", "summary": "openjdk: Enhance Path Factories (Oracle CPU 2025-10)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17132", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17263", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17241", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17193", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17335", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17115", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17207", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944", "reference_id": "1118944", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403063", "reference_id": "2403063", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403063" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuoct2025.html", "reference_id": "cpuoct2025.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T19:44:34Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuoct2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18814", "reference_id": "RHSA-2025:18814", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18814" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18815", "reference_id": "RHSA-2025:18815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18816", "reference_id": "RHSA-2025:18816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18817", "reference_id": "RHSA-2025:18817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18818", "reference_id": "RHSA-2025:18818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18819", "reference_id": "RHSA-2025:18819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18820", "reference_id": "RHSA-2025:18820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18821", "reference_id": "RHSA-2025:18821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18822", "reference_id": "RHSA-2025:18822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18823", "reference_id": "RHSA-2025:18823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18824", "reference_id": "RHSA-2025:18824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18825", "reference_id": "RHSA-2025:18825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18826", "reference_id": "RHSA-2025:18826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:18826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21485", "reference_id": "RHSA-2025:21485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22370", "reference_id": "RHSA-2025:22370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22672", "reference_id": "RHSA-2025:22672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22672" }, { "reference_url": "https://usn.ubuntu.com/7881-1/", "reference_id": "USN-7881-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7881-1/" }, { "reference_url": "https://usn.ubuntu.com/7882-1/", "reference_id": "USN-7882-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7882-1/" }, { "reference_url": "https://usn.ubuntu.com/7883-1/", "reference_id": "USN-7883-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7883-1/" }, { "reference_url": "https://usn.ubuntu.com/7884-1/", "reference_id": "USN-7884-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7884-1/" }, { "reference_url": "https://usn.ubuntu.com/7885-1/", "reference_id": "USN-7885-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7885-1/" }, { "reference_url": "https://usn.ubuntu.com/7900-1/", "reference_id": "USN-7900-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7900-1/" }, { "reference_url": "https://usn.ubuntu.com/7901-1/", "reference_id": "USN-7901-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7901-1/" }, { "reference_url": "https://usn.ubuntu.com/7902-1/", "reference_id": "USN-7902-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7902-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933663?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.9%2B10-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.9%252B10-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933662?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.9%2B10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.9%252B10-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-53066" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nxx8-nehy-qyhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68624?format=api", "vulnerability_id": "VCID-p9na-7jta-9yg4", "summary": "openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30754", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.3003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29891", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30077", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29952", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29988", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30352", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30305", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30396", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376784", "reference_id": "2376784", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376784" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2025.html", "reference_id": "cpujul2025.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-16T15:31:20Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10861", "reference_id": "RHSA-2025:10861", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10862", "reference_id": "RHSA-2025:10862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10863", "reference_id": "RHSA-2025:10863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10864", "reference_id": "RHSA-2025:10864", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10864" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10865", "reference_id": "RHSA-2025:10865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10866", "reference_id": "RHSA-2025:10866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10867", "reference_id": "RHSA-2025:10867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10868", "reference_id": "RHSA-2025:10868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10869", "reference_id": "RHSA-2025:10869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10870", "reference_id": "RHSA-2025:10870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10873", "reference_id": "RHSA-2025:10873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10874", "reference_id": "RHSA-2025:10874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10875", "reference_id": "RHSA-2025:10875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13656", "reference_id": "RHSA-2025:13656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13675", "reference_id": "RHSA-2025:13675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13675" }, { "reference_url": "https://usn.ubuntu.com/7667-1/", "reference_id": "USN-7667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7667-1/" }, { "reference_url": "https://usn.ubuntu.com/7668-1/", "reference_id": "USN-7668-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7668-1/" }, { "reference_url": "https://usn.ubuntu.com/7669-1/", "reference_id": "USN-7669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7669-1/" }, { "reference_url": "https://usn.ubuntu.com/7672-1/", "reference_id": "USN-7672-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7672-1/" }, { "reference_url": "https://usn.ubuntu.com/7673-1/", "reference_id": "USN-7673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7673-1/" }, { "reference_url": "https://usn.ubuntu.com/7674-1/", "reference_id": "USN-7674-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7674-1/" }, { "reference_url": "https://usn.ubuntu.com/7690-1/", "reference_id": "USN-7690-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7690-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933661?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.8%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.8%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-30754" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p9na-7jta-9yg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74713?format=api", "vulnerability_id": "VCID-rggy-f3va-mfay", "summary": "OpenJDK: RangeCheckElimination array index overflow (8323231)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.7248", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72472", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72485", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72508", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.7249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.7244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00721", "scoring_system": "epss", "scoring_elements": "0.72458", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297977", "reference_id": "2297977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297977" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2024.html", "reference_id": "cpujul2024.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T13:58:31Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2024.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240719-0008/", "reference_id": "ntap-20240719-0008", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T13:58:31Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240719-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4560", "reference_id": "RHSA-2024:4560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4561", "reference_id": "RHSA-2024:4561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4562", "reference_id": "RHSA-2024:4562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4563", "reference_id": "RHSA-2024:4563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4564", "reference_id": "RHSA-2024:4564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4565", "reference_id": "RHSA-2024:4565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4566", "reference_id": "RHSA-2024:4566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4567", "reference_id": "RHSA-2024:4567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4568", "reference_id": "RHSA-2024:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4569", "reference_id": "RHSA-2024:4569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4570", "reference_id": "RHSA-2024:4570", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4571", "reference_id": "RHSA-2024:4571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4572", "reference_id": "RHSA-2024:4572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4573", "reference_id": "RHSA-2024:4573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4573" }, { "reference_url": "https://usn.ubuntu.com/6929-1/", "reference_id": "USN-6929-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6929-1/" }, { "reference_url": "https://usn.ubuntu.com/6930-1/", "reference_id": "USN-6930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6930-1/" }, { "reference_url": "https://usn.ubuntu.com/6931-1/", "reference_id": "USN-6931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6931-1/" }, { "reference_url": "https://usn.ubuntu.com/6932-1/", "reference_id": "USN-6932-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6932-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933657?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.3%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.3%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21147" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rggy-f3va-mfay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70363?format=api", "vulnerability_id": "VCID-u81s-cs95-4yhx", "summary": "openjdk: Better TLS connection support (Oracle CPU 2025-04)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-21587", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.687", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68746", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68767", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68789", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68775", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68718", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68696", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00575", "scoring_system": "epss", "scoring_elements": "0.68748", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-21587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897", "reference_id": "1103897", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898", "reference_id": "1103898", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899", "reference_id": "1103899", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900", "reference_id": "1103900", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359695", "reference_id": "2359695", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359695" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2025.html", "reference_id": "cpuapr2025.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T03:55:41Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3844", "reference_id": "RHSA-2025:3844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3845", "reference_id": "RHSA-2025:3845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3846", "reference_id": "RHSA-2025:3846", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3846" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3847", "reference_id": "RHSA-2025:3847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3848", "reference_id": "RHSA-2025:3848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3849", "reference_id": "RHSA-2025:3849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3850", "reference_id": "RHSA-2025:3850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3852", "reference_id": "RHSA-2025:3852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3853", "reference_id": "RHSA-2025:3853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3854", "reference_id": "RHSA-2025:3854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3855", "reference_id": "RHSA-2025:3855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3856", "reference_id": "RHSA-2025:3856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3857", "reference_id": "RHSA-2025:3857", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3857" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7508", "reference_id": "RHSA-2025:7508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8063", "reference_id": "RHSA-2025:8063", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8063" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8431", "reference_id": "RHSA-2025:8431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8431" }, { "reference_url": "https://usn.ubuntu.com/7480-1/", "reference_id": "USN-7480-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7480-1/" }, { "reference_url": "https://usn.ubuntu.com/7481-1/", "reference_id": "USN-7481-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7481-1/" }, { "reference_url": "https://usn.ubuntu.com/7482-1/", "reference_id": "USN-7482-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7482-1/" }, { "reference_url": "https://usn.ubuntu.com/7483-1/", "reference_id": "USN-7483-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7483-1/" }, { "reference_url": "https://usn.ubuntu.com/7484-1/", "reference_id": "USN-7484-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7484-1/" }, { "reference_url": "https://usn.ubuntu.com/7531-1/", "reference_id": "USN-7531-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7531-1/" }, { "reference_url": "https://usn.ubuntu.com/7533-1/", "reference_id": "USN-7533-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7533-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933660?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.7%2B6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.7%252B6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-21587" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u81s-cs95-4yhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68627?format=api", "vulnerability_id": "VCID-vbw8-4j9f-eya5", "summary": "openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50106", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46067", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46035", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46088", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46091", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00232", "scoring_system": "epss", "scoring_elements": "0.46089", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.4924", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49245", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49267", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50106" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379031", "reference_id": "2379031", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379031" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2025.html", "reference_id": "cpujul2025.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:22:48Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10861", "reference_id": "RHSA-2025:10861", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10862", "reference_id": "RHSA-2025:10862", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10863", "reference_id": "RHSA-2025:10863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10864", "reference_id": "RHSA-2025:10864", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10864" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10865", "reference_id": "RHSA-2025:10865", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10866", "reference_id": "RHSA-2025:10866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10867", "reference_id": "RHSA-2025:10867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10868", "reference_id": "RHSA-2025:10868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10869", "reference_id": "RHSA-2025:10869", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10870", "reference_id": "RHSA-2025:10870", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10870" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10873", "reference_id": "RHSA-2025:10873", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10874", "reference_id": "RHSA-2025:10874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10875", "reference_id": "RHSA-2025:10875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13656", "reference_id": "RHSA-2025:13656", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13675", "reference_id": "RHSA-2025:13675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13675" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0934", "reference_id": "RHSA-2026:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0934" }, { "reference_url": "https://usn.ubuntu.com/7667-1/", "reference_id": "USN-7667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7667-1/" }, { "reference_url": "https://usn.ubuntu.com/7668-1/", "reference_id": "USN-7668-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7668-1/" }, { "reference_url": "https://usn.ubuntu.com/7669-1/", "reference_id": "USN-7669-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7669-1/" }, { "reference_url": "https://usn.ubuntu.com/7672-1/", "reference_id": "USN-7672-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7672-1/" }, { "reference_url": "https://usn.ubuntu.com/7673-1/", "reference_id": "USN-7673-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7673-1/" }, { "reference_url": "https://usn.ubuntu.com/7674-1/", "reference_id": "USN-7674-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7674-1/" }, { "reference_url": "https://usn.ubuntu.com/7690-1/", "reference_id": "USN-7690-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7690-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933661?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.8%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.8%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-50106" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vbw8-4j9f-eya5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31978?format=api", "vulnerability_id": "VCID-vpnc-yu7r-bqb6", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21208", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17036", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17169", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17144", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17096", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1719", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17241", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17021", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17111", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21208" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318526", "reference_id": "2318526", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318526" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933658?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.5%2B11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.5%252B11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21208" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vpnc-yu7r-bqb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31959?format=api", "vulnerability_id": "VCID-vuhe-re6z-8kax", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22025.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22025.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32344", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32217", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32382", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32207", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32256", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32285", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32286", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32248", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-22025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243805", "reference_id": "2243805", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243805" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5548", "reference_id": "dsa-5548", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:28:29Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5548" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20231027-0006/", "reference_id": "ntap-20231027-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:28:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20231027-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5745", "reference_id": "RHSA-2023:5745", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5745" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5746", "reference_id": "RHSA-2023:5746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5747", "reference_id": "RHSA-2023:5747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5750", "reference_id": "RHSA-2023:5750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5751", "reference_id": "RHSA-2023:5751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5752", "reference_id": "RHSA-2023:5752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5753", "reference_id": "RHSA-2023:5753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6738", "reference_id": "RHSA-2023:6738", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6738" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6887", "reference_id": "RHSA-2023:6887", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6887" }, { "reference_url": "https://usn.ubuntu.com/6527-1/", "reference_id": "USN-6527-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6527-1/" }, { "reference_url": "https://usn.ubuntu.com/6528-1/", "reference_id": "USN-6528-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6528-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933655?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.1%2B12-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.1%252B12-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-22025" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vuhe-re6z-8kax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31969?format=api", "vulnerability_id": "VCID-wn4r-ugaa-5ydb", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46944", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46923", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.4694", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46888", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46942", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46963", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00238", "scoring_system": "epss", "scoring_elements": "0.46936", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257728", "reference_id": "2257728", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257728" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html", "reference_id": "msg00023.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240201-0002/", "reference_id": "ntap-20240201-0002", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240201-0002/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0222", "reference_id": "RHSA-2024:0222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0223", "reference_id": "RHSA-2024:0223", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0223" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0224", "reference_id": "RHSA-2024:0224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0225", "reference_id": "RHSA-2024:0225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0226", "reference_id": "RHSA-2024:0226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0228", "reference_id": "RHSA-2024:0228", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0228" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0230", "reference_id": "RHSA-2024:0230", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0231", "reference_id": "RHSA-2024:0231", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0232", "reference_id": "RHSA-2024:0232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0233", "reference_id": "RHSA-2024:0233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0234", "reference_id": "RHSA-2024:0234", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0234" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0235", "reference_id": "RHSA-2024:0235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0237", "reference_id": "RHSA-2024:0237", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0237" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0239", "reference_id": "RHSA-2024:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0240", "reference_id": "RHSA-2024:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0241", "reference_id": "RHSA-2024:0241", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0241" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0242", "reference_id": "RHSA-2024:0242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0244", "reference_id": "RHSA-2024:0244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0246", "reference_id": "RHSA-2024:0246", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0246" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0247", "reference_id": "RHSA-2024:0247", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0247" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0248", "reference_id": "RHSA-2024:0248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0249", "reference_id": "RHSA-2024:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0250", "reference_id": "RHSA-2024:0250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0265", "reference_id": "RHSA-2024:0265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0266", "reference_id": "RHSA-2024:0266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0267", "reference_id": "RHSA-2024:0267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1481", "reference_id": "RHSA-2024:1481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1482", "reference_id": "RHSA-2024:1482", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1482" }, { "reference_url": "https://usn.ubuntu.com/6660-1/", "reference_id": "USN-6660-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6660-1/" }, { "reference_url": "https://usn.ubuntu.com/6661-1/", "reference_id": "USN-6661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6661-1/" }, { "reference_url": "https://usn.ubuntu.com/6662-1/", "reference_id": "USN-6662-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6662-1/" }, { "reference_url": "https://usn.ubuntu.com/6696-1/", "reference_id": "USN-6696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6696-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933656?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.2%2B13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.2%252B13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-20918" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wn4r-ugaa-5ydb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70362?format=api", "vulnerability_id": "VCID-y8bc-k5qu-c7f5", "summary": "openjdk: Improve compiler transformations (Oracle CPU 2025-04)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30691", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58784", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58814", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58827", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58833", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58851", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58805", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00369", "scoring_system": "epss", "scoring_elements": "0.58775", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-30691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897", "reference_id": "1103897", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898", "reference_id": "1103898", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899", "reference_id": "1103899", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900", "reference_id": "1103900", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359694", "reference_id": "2359694", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359694" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2025.html", "reference_id": "cpuapr2025.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:24:18Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2025.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3844", "reference_id": "RHSA-2025:3844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3845", "reference_id": "RHSA-2025:3845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3846", "reference_id": "RHSA-2025:3846", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3846" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3847", "reference_id": "RHSA-2025:3847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3848", "reference_id": "RHSA-2025:3848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3849", "reference_id": "RHSA-2025:3849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3850", "reference_id": "RHSA-2025:3850", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3852", "reference_id": "RHSA-2025:3852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3853", "reference_id": "RHSA-2025:3853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3854", "reference_id": "RHSA-2025:3854", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3855", "reference_id": "RHSA-2025:3855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3856", "reference_id": "RHSA-2025:3856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3857", "reference_id": "RHSA-2025:3857", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3857" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7508", "reference_id": "RHSA-2025:7508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7508" }, { "reference_url": "https://usn.ubuntu.com/7480-1/", "reference_id": "USN-7480-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7480-1/" }, { "reference_url": "https://usn.ubuntu.com/7481-1/", "reference_id": "USN-7481-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7481-1/" }, { "reference_url": "https://usn.ubuntu.com/7482-1/", "reference_id": "USN-7482-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7482-1/" }, { "reference_url": "https://usn.ubuntu.com/7483-1/", "reference_id": "USN-7483-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7483-1/" }, { "reference_url": "https://usn.ubuntu.com/7484-1/", "reference_id": "USN-7484-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7484-1/" }, { "reference_url": "https://usn.ubuntu.com/7531-1/", "reference_id": "USN-7531-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7531-1/" }, { "reference_url": "https://usn.ubuntu.com/7533-1/", "reference_id": "USN-7533-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7533-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933660?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.7%2B6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.7%252B6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-30691" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y8bc-k5qu-c7f5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31979?format=api", "vulnerability_id": "VCID-z356-tw9t-q7bp", "summary": "Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21210", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34648", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34711", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34672", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34732", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34758", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34636", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34679", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21210" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696", "reference_id": "1085696", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318524", "reference_id": "2318524", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318524" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://security.gentoo.org/glsa/202412-07", "reference_id": "GLSA-202412-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10926", "reference_id": "RHSA-2024:10926", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:10926" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8116", "reference_id": "RHSA-2024:8116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8116" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8117", "reference_id": "RHSA-2024:8117", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8117" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8118", "reference_id": "RHSA-2024:8118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8119", "reference_id": "RHSA-2024:8119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8120", "reference_id": "RHSA-2024:8120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8121", "reference_id": "RHSA-2024:8121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8122", "reference_id": "RHSA-2024:8122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8123", "reference_id": "RHSA-2024:8123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8124", "reference_id": "RHSA-2024:8124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8125", "reference_id": "RHSA-2024:8125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8126", "reference_id": "RHSA-2024:8126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8127", "reference_id": "RHSA-2024:8127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8128", "reference_id": "RHSA-2024:8128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8129", "reference_id": "RHSA-2024:8129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8129" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" }, { "reference_url": "https://usn.ubuntu.com/7099-1/", "reference_id": "USN-7099-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7099-1/" }, { "reference_url": "https://usn.ubuntu.com/7124-1/", "reference_id": "USN-7124-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7124-1/" }, { "reference_url": "https://usn.ubuntu.com/7338-1/", "reference_id": "USN-7338-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7338-1/" }, { "reference_url": "https://usn.ubuntu.com/7339-1/", "reference_id": "USN-7339-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7339-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933658?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.5%2B11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.5%252B11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21210" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z356-tw9t-q7bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76843?format=api", "vulnerability_id": "VCID-zdra-bzqn-4ug9", "summary": "OpenJDK: integer overflow in C1 compiler address generation (8322122)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21068.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21068.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67616", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67576", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67597", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67575", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67627", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.6764", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67663", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0054", "scoring_system": "epss", "scoring_elements": "0.67648", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678", "reference_id": "1069678", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275003", "reference_id": "2275003", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275003" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_id": "cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*" }, { "reference_url": "https://www.oracle.com/security-alerts/cpuapr2024.html", "reference_id": "cpuapr2024.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/" } ], "url": "https://www.oracle.com/security-alerts/cpuapr2024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240426-0004/", "reference_id": "ntap-20240426-0004", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240426-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1815", "reference_id": "RHSA-2024:1815", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1815" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1816", "reference_id": "RHSA-2024:1816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1817", "reference_id": "RHSA-2024:1817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1818", "reference_id": "RHSA-2024:1818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1819", "reference_id": "RHSA-2024:1819", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1820", "reference_id": "RHSA-2024:1820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1821", "reference_id": "RHSA-2024:1821", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1822", "reference_id": "RHSA-2024:1822", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1822" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1823", "reference_id": "RHSA-2024:1823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1824", "reference_id": "RHSA-2024:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1825", "reference_id": "RHSA-2024:1825", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1825" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1826", "reference_id": "RHSA-2024:1826", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1826" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1827", "reference_id": "RHSA-2024:1827", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1827" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1828", "reference_id": "RHSA-2024:1828", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1828" }, { "reference_url": "https://usn.ubuntu.com/6810-1/", "reference_id": "USN-6810-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6810-1/" }, { "reference_url": "https://usn.ubuntu.com/6811-1/", "reference_id": "USN-6811-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6811-1/" }, { "reference_url": "https://usn.ubuntu.com/6812-1/", "reference_id": "USN-6812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6812-1/" }, { "reference_url": "https://usn.ubuntu.com/6813-1/", "reference_id": "USN-6813-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6813-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933657?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.3%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.3%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21068" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zdra-bzqn-4ug9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74707?format=api", "vulnerability_id": "VCID-zgpr-3zft-zqgt", "summary": "OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21140.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21140.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68526", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68475", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68525", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68543", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68569", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68556", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68479", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00568", "scoring_system": "epss", "scoring_elements": "0.68498", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297963", "reference_id": "2297963", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297963" }, { "reference_url": "https://www.oracle.com/security-alerts/cpujul2024.html", "reference_id": "cpujul2024.html", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:27:50Z/" } ], "url": "https://www.oracle.com/security-alerts/cpujul2024.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240719-0008/", "reference_id": "ntap-20240719-0008", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:27:50Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240719-0008/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4560", "reference_id": "RHSA-2024:4560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4561", "reference_id": "RHSA-2024:4561", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4561" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4562", "reference_id": "RHSA-2024:4562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4563", "reference_id": "RHSA-2024:4563", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4563" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4564", "reference_id": "RHSA-2024:4564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4565", "reference_id": "RHSA-2024:4565", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4565" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4566", "reference_id": "RHSA-2024:4566", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4566" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4567", "reference_id": "RHSA-2024:4567", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4567" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4568", "reference_id": "RHSA-2024:4568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4569", "reference_id": "RHSA-2024:4569", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4570", "reference_id": "RHSA-2024:4570", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4571", "reference_id": "RHSA-2024:4571", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4571" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4572", "reference_id": "RHSA-2024:4572", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4572" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4573", "reference_id": "RHSA-2024:4573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4573" }, { "reference_url": "https://usn.ubuntu.com/6929-1/", "reference_id": "USN-6929-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6929-1/" }, { "reference_url": "https://usn.ubuntu.com/6930-1/", "reference_id": "USN-6930-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6930-1/" }, { "reference_url": "https://usn.ubuntu.com/6931-1/", "reference_id": "USN-6931-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6931-1/" }, { "reference_url": "https://usn.ubuntu.com/6932-1/", "reference_id": "USN-6932-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6932-1/" }, { "reference_url": "https://usn.ubuntu.com/7096-1/", "reference_id": "USN-7096-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7096-1/" }, { "reference_url": "https://usn.ubuntu.com/7097-1/", "reference_id": "USN-7097-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7097-1/" }, { "reference_url": "https://usn.ubuntu.com/7098-1/", "reference_id": "USN-7098-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7098-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933657?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.3%2B9-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.3%252B9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933654?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933651?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~6ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~6ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933653?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~8ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062512?format=api", "purl": "pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21140" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zgpr-3zft-zqgt" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~8ea-1%3Fdistro=trixie" }