Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-a59u-h67v-yygm
Vulnerability ID VCID-a59u-h67v-yygm
Aliases CVE-2023-22041
Summary Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.
Status Published
Exploitability 0.5
Weighted Severity 4.6
Risk 2.3
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-334 Small Space of Random Values
System Score Found at
cvssv3 5.1 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-22041
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-22041
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-22041
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-22041
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-22041
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-22041
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-22041
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-22041
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-22041
cvssv3.1 5.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json
https://api.first.org/data/v1/epss?cve=CVE-2023-22041
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2223207 https://bugzilla.redhat.com/show_bug.cgi?id=2223207
GLSA-202407-24 https://security.gentoo.org/glsa/202407-24
GLSA-202412-07 https://security.gentoo.org/glsa/202412-07
RHSA-2023:4157 https://access.redhat.com/errata/RHSA-2023:4157
RHSA-2023:4158 https://access.redhat.com/errata/RHSA-2023:4158
RHSA-2023:4159 https://access.redhat.com/errata/RHSA-2023:4159
RHSA-2023:4161 https://access.redhat.com/errata/RHSA-2023:4161
RHSA-2023:4162 https://access.redhat.com/errata/RHSA-2023:4162
RHSA-2023:4163 https://access.redhat.com/errata/RHSA-2023:4163
RHSA-2023:4164 https://access.redhat.com/errata/RHSA-2023:4164
RHSA-2023:4165 https://access.redhat.com/errata/RHSA-2023:4165
RHSA-2023:4169 https://access.redhat.com/errata/RHSA-2023:4169
RHSA-2023:4170 https://access.redhat.com/errata/RHSA-2023:4170
RHSA-2023:4171 https://access.redhat.com/errata/RHSA-2023:4171
RHSA-2023:4175 https://access.redhat.com/errata/RHSA-2023:4175
RHSA-2023:4177 https://access.redhat.com/errata/RHSA-2023:4177
RHSA-2023:4208 https://access.redhat.com/errata/RHSA-2023:4208
RHSA-2023:4210 https://access.redhat.com/errata/RHSA-2023:4210
RHSA-2023:4211 https://access.redhat.com/errata/RHSA-2023:4211
RHSA-2023:4233 https://access.redhat.com/errata/RHSA-2023:4233
USN-6263-1 https://usn.ubuntu.com/6263-1/
USN-6272-1 https://usn.ubuntu.com/6272-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.22241
EPSS Score 0.00073
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:58:45.712063+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/202412-07 38.0.0