Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-6fce-bys3-kkgm

Summary openjdk: OpenJDK: Update LibPNG (Oracle CPU 2026-04)

Aliases

alias	CVE-2026-22020

Fixed_packages

url	pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid
purl	pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid

url	pkg:deb/debian/openjdk-11@0?distro=sid
purl	pkg:deb/debian/openjdk-11@0?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@0%3Fdistro=sid

url pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid

purl pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid

url	pkg:deb/debian/openjdk-17@0?distro=sid
purl	pkg:deb/debian/openjdk-17@0?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@0%3Fdistro=sid

url pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid

purl pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid

url pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid

purl pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid

url	pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid
purl	pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid

url	pkg:deb/debian/openjdk-21@0?distro=trixie
purl	pkg:deb/debian/openjdk-21@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@0%3Fdistro=trixie

url	pkg:deb/debian/openjdk-21@21.0.11%2B10-1?distro=trixie
purl	pkg:deb/debian/openjdk-21@21.0.11%2B10-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11%252B10-1%3Fdistro=trixie

url pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie

purl pkg:deb/debian/openjdk-21@21.0.10%2B7-1~deb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.10%252B7-1~deb13u1%3Fdistro=trixie

url pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie

purl pkg:deb/debian/openjdk-21@21.0.11~9ea-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-21@21.0.11~9ea-1%3Fdistro=trixie

url	pkg:deb/debian/openjdk-25@0?distro=trixie
purl	pkg:deb/debian/openjdk-25@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-25@0%3Fdistro=trixie

url	pkg:deb/debian/openjdk-25@25.0.3%2B9-2?distro=trixie
purl	pkg:deb/debian/openjdk-25@25.0.3%2B9-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-25@25.0.3%252B9-2%3Fdistro=trixie

url pkg:deb/debian/openjdk-25@25.0.2%2B10-1~deb13u2?distro=trixie

purl pkg:deb/debian/openjdk-25@25.0.2%2B10-1~deb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-m54j-wfuk-yua7

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-25@25.0.2%252B10-1~deb13u2%3Fdistro=trixie

url pkg:deb/debian/openjdk-25@25.0.3~8ea-1?distro=trixie

purl pkg:deb/debian/openjdk-25@25.0.3~8ea-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1gha-995s-7qdg

vulnerability	VCID-57sd-8y93-qqhu

vulnerability	VCID-6r1k-8y1c-q7fm

vulnerability	VCID-jxgd-j4wr-tyb7

vulnerability	VCID-m54j-wfuk-yua7

vulnerability	VCID-sz6r-65q1-q3bh

vulnerability	VCID-xte1-h9nn-4bbk

vulnerability	VCID-zsun-4q6p-8fek

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-25@25.0.3~8ea-1%3Fdistro=trixie

url	pkg:deb/debian/openjdk-8@0?distro=sid
purl	pkg:deb/debian/openjdk-8@0?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-8@0%3Fdistro=sid

url	pkg:deb/debian/openjdk-8@8u482-ga-1?distro=sid
purl	pkg:deb/debian/openjdk-8@8u482-ga-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-8@8u482-ga-1%3Fdistro=sid

Affected_packages

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22020.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22020.json

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2460045
reference_id	2460045
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2460045

Weaknesses

cwe_id	787
name	Out-of-bounds Write
description	The product writes data past the end, or before the beginning, of the intended buffer.

Exploits

Severity_range_score 7.1 - 7.1

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fce-bys3-kkgm

Vulnerability Instance