{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","type":"deb","namespace":"debian","name":"openjdk-11","version":"11.0.24+8-2~deb11u1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"11.0.31~10ea-1","latest_non_vulnerable_version":"11.0.31~10ea-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70352?format=json","vulnerability_id":"VCID-11vj-5zz4-6fe7","summary":"openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30698","reference_id":"","reference_type":"","scores":[{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69565","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69621","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69627","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.6965","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69635","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69581","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.6956","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69611","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897","reference_id":"1103897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898","reference_id":"1103898","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899","reference_id":"1103899","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900","reference_id":"1103900","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359693","reference_id":"2359693","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359693"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:13:36Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3844","reference_id":"RHSA-2025:3844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3845","reference_id":"RHSA-2025:3845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3846","reference_id":"RHSA-2025:3846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3847","reference_id":"RHSA-2025:3847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3848","reference_id":"RHSA-2025:3848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3849","reference_id":"RHSA-2025:3849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3850","reference_id":"RHSA-2025:3850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3852","reference_id":"RHSA-2025:3852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3853","reference_id":"RHSA-2025:3853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3854","reference_id":"RHSA-2025:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3855","reference_id":"RHSA-2025:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3856","reference_id":"RHSA-2025:3856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3857","reference_id":"RHSA-2025:3857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7508","reference_id":"RHSA-2025:7508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8063","reference_id":"RHSA-2025:8063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8431","reference_id":"RHSA-2025:8431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8431"},{"reference_url":"https://usn.ubuntu.com/7480-1/","reference_id":"USN-7480-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7480-1/"},{"reference_url":"https://usn.ubuntu.com/7481-1/","reference_id":"USN-7481-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7481-1/"},{"reference_url":"https://usn.ubuntu.com/7482-1/","reference_id":"USN-7482-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7482-1/"},{"reference_url":"https://usn.ubuntu.com/7483-1/","reference_id":"USN-7483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7483-1/"},{"reference_url":"https://usn.ubuntu.com/7484-1/","reference_id":"USN-7484-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7484-1/"},{"reference_url":"https://usn.ubuntu.com/7531-1/","reference_id":"USN-7531-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7531-1/"},{"reference_url":"https://usn.ubuntu.com/7533-1/","reference_id":"USN-7533-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7533-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2025-30698"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11vj-5zz4-6fe7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66833?format=json","vulnerability_id":"VCID-13t7-vubq-8kae","summary":"openjdk: Enhance certificate handling (Oracle CPU 2025-10)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53057","reference_id":"","reference_type":"","scores":[{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22702","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22587","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22666","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22683","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22642","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22747","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22535","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22612","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53057"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944","reference_id":"1118944","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403082","reference_id":"2403082","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403082"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2025.html","reference_id":"cpuoct2025.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T14:46:38Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18814","reference_id":"RHSA-2025:18814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18815","reference_id":"RHSA-2025:18815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18816","reference_id":"RHSA-2025:18816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18817","reference_id":"RHSA-2025:18817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18818","reference_id":"RHSA-2025:18818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18819","reference_id":"RHSA-2025:18819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18820","reference_id":"RHSA-2025:18820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18821","reference_id":"RHSA-2025:18821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18822","reference_id":"RHSA-2025:18822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18823","reference_id":"RHSA-2025:18823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18824","reference_id":"RHSA-2025:18824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18825","reference_id":"RHSA-2025:18825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18826","reference_id":"RHSA-2025:18826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21485","reference_id":"RHSA-2025:21485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22370","reference_id":"RHSA-2025:22370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22672","reference_id":"RHSA-2025:22672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22672"},{"reference_url":"https://usn.ubuntu.com/7881-1/","reference_id":"USN-7881-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7881-1/"},{"reference_url":"https://usn.ubuntu.com/7882-1/","reference_id":"USN-7882-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7882-1/"},{"reference_url":"https://usn.ubuntu.com/7883-1/","reference_id":"USN-7883-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7883-1/"},{"reference_url":"https://usn.ubuntu.com/7884-1/","reference_id":"USN-7884-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7884-1/"},{"reference_url":"https://usn.ubuntu.com/7885-1/","reference_id":"USN-7885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7885-1/"},{"reference_url":"https://usn.ubuntu.com/7900-1/","reference_id":"USN-7900-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7900-1/"},{"reference_url":"https://usn.ubuntu.com/7901-1/","reference_id":"USN-7901-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7901-1/"},{"reference_url":"https://usn.ubuntu.com/7902-1/","reference_id":"USN-7902-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7902-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2025-53057"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-13t7-vubq-8kae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64943?format=json","vulnerability_id":"VCID-4snj-etwf-eqe8","summary":"openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21933","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09035","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09077","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09121","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09122","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09091","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09086","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0901","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0909","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429926","reference_id":"2429926","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429926"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:56:13Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0847","reference_id":"RHSA-2026:0847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0848","reference_id":"RHSA-2026:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0895","reference_id":"RHSA-2026:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0897","reference_id":"RHSA-2026:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0899","reference_id":"RHSA-2026:0899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0901","reference_id":"RHSA-2026:0901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0927","reference_id":"RHSA-2026:0927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0928","reference_id":"RHSA-2026:0928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0931","reference_id":"RHSA-2026:0931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0932","reference_id":"RHSA-2026:0932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0933","reference_id":"RHSA-2026:0933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4832","reference_id":"RHSA-2026:4832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4832"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2026-21933"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4snj-etwf-eqe8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31982?format=json","vulnerability_id":"VCID-6196-gvhx-ruh8","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21235","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38305","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38417","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38441","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38355","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38363","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.3838","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44159","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44158","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21235"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318534","reference_id":"2318534","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318534"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2024-21235"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6196-gvhx-ruh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31980?format=json","vulnerability_id":"VCID-9n5v-4daz-eyc2","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21217","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26611","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26708","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26713","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26668","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26767","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26807","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26591","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26658","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318530","reference_id":"2318530","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318530"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2024-21217"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9n5v-4daz-eyc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64944?format=json","vulnerability_id":"VCID-apsn-z1br-3bdy","summary":"openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21945","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16874","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16728","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16854","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16832","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16786","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1693","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16714","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16799","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429927","reference_id":"2429927","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429927"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:04:39Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0847","reference_id":"RHSA-2026:0847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0848","reference_id":"RHSA-2026:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0895","reference_id":"RHSA-2026:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0897","reference_id":"RHSA-2026:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0899","reference_id":"RHSA-2026:0899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0901","reference_id":"RHSA-2026:0901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0927","reference_id":"RHSA-2026:0927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0928","reference_id":"RHSA-2026:0928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0931","reference_id":"RHSA-2026:0931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0932","reference_id":"RHSA-2026:0932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0933","reference_id":"RHSA-2026:0933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4832","reference_id":"RHSA-2026:4832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4832"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2026-21945"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apsn-z1br-3bdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68623?format=json","vulnerability_id":"VCID-b32x-4pu4-jkh4","summary":"openjdk: Better Glyph drawing (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30749","reference_id":"","reference_type":"","scores":[{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.6625","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66247","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66277","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66294","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66307","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71372","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71355","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71388","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376783","reference_id":"2376783","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376783"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:23:21Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10861","reference_id":"RHSA-2025:10861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10862","reference_id":"RHSA-2025:10862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10863","reference_id":"RHSA-2025:10863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10864","reference_id":"RHSA-2025:10864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13675","reference_id":"RHSA-2025:13675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7667-1/","reference_id":"USN-7667-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7667-1/"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2025-30749"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b32x-4pu4-jkh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64942?format=json","vulnerability_id":"VCID-duy9-6f1p-vqah","summary":"openjdk: Enhance Handling of URIs (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21932","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09259","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09314","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09346","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09356","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09328","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09227","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09302","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429925","reference_id":"2429925","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429925"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:55:36Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2026-21932"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-duy9-6f1p-vqah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68625?format=json","vulnerability_id":"VCID-e6dm-6767-9kdk","summary":"openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50059","reference_id":"","reference_type":"","scores":[{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32274","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32136","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32311","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32212","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32631","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32603","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32669","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50059"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376785","reference_id":"2376785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376785"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-16T14:42:42Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2025-50059"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6dm-6767-9kdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64941?format=json","vulnerability_id":"VCID-mt9c-tby1-wqe9","summary":"openjdk: Improve JMX connections (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21925","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10163","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10232","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1026","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10292","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10229","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10125","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.102","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21925"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429924","reference_id":"2429924","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429924"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:50:27Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0847","reference_id":"RHSA-2026:0847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0848","reference_id":"RHSA-2026:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0895","reference_id":"RHSA-2026:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0897","reference_id":"RHSA-2026:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0899","reference_id":"RHSA-2026:0899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0901","reference_id":"RHSA-2026:0901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0927","reference_id":"RHSA-2026:0927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0928","reference_id":"RHSA-2026:0928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0931","reference_id":"RHSA-2026:0931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0932","reference_id":"RHSA-2026:0932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0933","reference_id":"RHSA-2026:0933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4832","reference_id":"RHSA-2026:4832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4832"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2026-21925"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mt9c-tby1-wqe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71990?format=json","vulnerability_id":"VCID-ntga-y6cv-a3df","summary":"openjdk: Enhance array handling (Oracle CPU 2025-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21502","reference_id":"","reference_type":"","scores":[{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42064","published_at":"2026-04-02T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42054","published_at":"2026-04-13T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42094","published_at":"2026-04-09T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42116","published_at":"2026-04-11T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42079","published_at":"2026-04-12T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42092","published_at":"2026-04-04T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42029","published_at":"2026-04-07T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42081","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338992","reference_id":"2338992","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338992"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2025.html","reference_id":"cpujan2025.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T16:29:12Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0421","reference_id":"RHSA-2025:0421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0422","reference_id":"RHSA-2025:0422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0423","reference_id":"RHSA-2025:0423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0424","reference_id":"RHSA-2025:0424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0425","reference_id":"RHSA-2025:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0426","reference_id":"RHSA-2025:0426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0427","reference_id":"RHSA-2025:0427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0428","reference_id":"RHSA-2025:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0429","reference_id":"RHSA-2025:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1154","reference_id":"RHSA-2025:1154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2615","reference_id":"RHSA-2025:2615","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2615"},{"reference_url":"https://usn.ubuntu.com/7252-1/","reference_id":"USN-7252-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7252-1/"},{"reference_url":"https://usn.ubuntu.com/7253-1/","reference_id":"USN-7253-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7253-1/"},{"reference_url":"https://usn.ubuntu.com/7254-1/","reference_id":"USN-7254-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7254-1/"},{"reference_url":"https://usn.ubuntu.com/7255-1/","reference_id":"USN-7255-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7255-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2025-21502"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ntga-y6cv-a3df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66831?format=json","vulnerability_id":"VCID-nxx8-nehy-qyhg","summary":"openjdk: Enhance Path Factories (Oracle CPU 2025-10)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53066","reference_id":"","reference_type":"","scores":[{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17286","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17263","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17241","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17193","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17335","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17115","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17207","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944","reference_id":"1118944","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403063","reference_id":"2403063","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403063"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2025.html","reference_id":"cpuoct2025.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T19:44:34Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18814","reference_id":"RHSA-2025:18814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18815","reference_id":"RHSA-2025:18815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18816","reference_id":"RHSA-2025:18816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18817","reference_id":"RHSA-2025:18817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18818","reference_id":"RHSA-2025:18818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18819","reference_id":"RHSA-2025:18819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18820","reference_id":"RHSA-2025:18820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18821","reference_id":"RHSA-2025:18821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18822","reference_id":"RHSA-2025:18822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18823","reference_id":"RHSA-2025:18823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18824","reference_id":"RHSA-2025:18824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18825","reference_id":"RHSA-2025:18825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18826","reference_id":"RHSA-2025:18826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21485","reference_id":"RHSA-2025:21485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22370","reference_id":"RHSA-2025:22370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22672","reference_id":"RHSA-2025:22672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22672"},{"reference_url":"https://usn.ubuntu.com/7881-1/","reference_id":"USN-7881-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7881-1/"},{"reference_url":"https://usn.ubuntu.com/7882-1/","reference_id":"USN-7882-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7882-1/"},{"reference_url":"https://usn.ubuntu.com/7883-1/","reference_id":"USN-7883-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7883-1/"},{"reference_url":"https://usn.ubuntu.com/7884-1/","reference_id":"USN-7884-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7884-1/"},{"reference_url":"https://usn.ubuntu.com/7885-1/","reference_id":"USN-7885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7885-1/"},{"reference_url":"https://usn.ubuntu.com/7900-1/","reference_id":"USN-7900-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7900-1/"},{"reference_url":"https://usn.ubuntu.com/7901-1/","reference_id":"USN-7901-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7901-1/"},{"reference_url":"https://usn.ubuntu.com/7902-1/","reference_id":"USN-7902-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7902-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2025-53066"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nxx8-nehy-qyhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68624?format=json","vulnerability_id":"VCID-p9na-7jta-9yg4","summary":"openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30754","reference_id":"","reference_type":"","scores":[{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.3003","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29891","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30077","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29952","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29988","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30352","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30305","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30396","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376784","reference_id":"2376784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376784"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-16T15:31:20Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10861","reference_id":"RHSA-2025:10861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10862","reference_id":"RHSA-2025:10862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10863","reference_id":"RHSA-2025:10863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10864","reference_id":"RHSA-2025:10864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13675","reference_id":"RHSA-2025:13675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13675"},{"reference_url":"https://usn.ubuntu.com/7667-1/","reference_id":"USN-7667-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7667-1/"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2025-30754"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p9na-7jta-9yg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70363?format=json","vulnerability_id":"VCID-u81s-cs95-4yhx","summary":"openjdk: Better TLS connection support (Oracle CPU 2025-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21587","reference_id":"","reference_type":"","scores":[{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.687","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68746","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68767","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68789","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68775","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68718","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68696","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68748","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897","reference_id":"1103897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898","reference_id":"1103898","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899","reference_id":"1103899","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900","reference_id":"1103900","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359695","reference_id":"2359695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359695"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T03:55:41Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3844","reference_id":"RHSA-2025:3844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3845","reference_id":"RHSA-2025:3845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3846","reference_id":"RHSA-2025:3846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3847","reference_id":"RHSA-2025:3847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3848","reference_id":"RHSA-2025:3848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3849","reference_id":"RHSA-2025:3849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3850","reference_id":"RHSA-2025:3850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3852","reference_id":"RHSA-2025:3852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3853","reference_id":"RHSA-2025:3853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3854","reference_id":"RHSA-2025:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3855","reference_id":"RHSA-2025:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3856","reference_id":"RHSA-2025:3856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3857","reference_id":"RHSA-2025:3857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7508","reference_id":"RHSA-2025:7508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8063","reference_id":"RHSA-2025:8063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8431","reference_id":"RHSA-2025:8431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8431"},{"reference_url":"https://usn.ubuntu.com/7480-1/","reference_id":"USN-7480-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7480-1/"},{"reference_url":"https://usn.ubuntu.com/7481-1/","reference_id":"USN-7481-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7481-1/"},{"reference_url":"https://usn.ubuntu.com/7482-1/","reference_id":"USN-7482-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7482-1/"},{"reference_url":"https://usn.ubuntu.com/7483-1/","reference_id":"USN-7483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7483-1/"},{"reference_url":"https://usn.ubuntu.com/7484-1/","reference_id":"USN-7484-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7484-1/"},{"reference_url":"https://usn.ubuntu.com/7531-1/","reference_id":"USN-7531-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7531-1/"},{"reference_url":"https://usn.ubuntu.com/7533-1/","reference_id":"USN-7533-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7533-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2025-21587"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u81s-cs95-4yhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68627?format=json","vulnerability_id":"VCID-vbw8-4j9f-eya5","summary":"openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50106","reference_id":"","reference_type":"","scores":[{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46035","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46088","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46091","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46089","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.4924","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49245","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49267","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50106"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379031","reference_id":"2379031","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379031"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:22:48Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10861","reference_id":"RHSA-2025:10861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10862","reference_id":"RHSA-2025:10862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10863","reference_id":"RHSA-2025:10863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10864","reference_id":"RHSA-2025:10864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13675","reference_id":"RHSA-2025:13675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7667-1/","reference_id":"USN-7667-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7667-1/"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2025-50106"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vbw8-4j9f-eya5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31978?format=json","vulnerability_id":"VCID-vpnc-yu7r-bqb6","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21208","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17036","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17169","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17144","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17096","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1719","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17241","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17021","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17111","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21208"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318526","reference_id":"2318526","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318526"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2024-21208"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpnc-yu7r-bqb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70362?format=json","vulnerability_id":"VCID-y8bc-k5qu-c7f5","summary":"openjdk: Improve compiler transformations (Oracle CPU 2025-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30691","reference_id":"","reference_type":"","scores":[{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58784","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58814","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58827","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58833","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58851","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58775","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897","reference_id":"1103897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898","reference_id":"1103898","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899","reference_id":"1103899","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900","reference_id":"1103900","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359694","reference_id":"2359694","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359694"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:24:18Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3844","reference_id":"RHSA-2025:3844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3845","reference_id":"RHSA-2025:3845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3846","reference_id":"RHSA-2025:3846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3847","reference_id":"RHSA-2025:3847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3848","reference_id":"RHSA-2025:3848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3849","reference_id":"RHSA-2025:3849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3850","reference_id":"RHSA-2025:3850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3852","reference_id":"RHSA-2025:3852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3853","reference_id":"RHSA-2025:3853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3854","reference_id":"RHSA-2025:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3855","reference_id":"RHSA-2025:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3856","reference_id":"RHSA-2025:3856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3857","reference_id":"RHSA-2025:3857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7508","reference_id":"RHSA-2025:7508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7508"},{"reference_url":"https://usn.ubuntu.com/7480-1/","reference_id":"USN-7480-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7480-1/"},{"reference_url":"https://usn.ubuntu.com/7481-1/","reference_id":"USN-7481-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7481-1/"},{"reference_url":"https://usn.ubuntu.com/7482-1/","reference_id":"USN-7482-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7482-1/"},{"reference_url":"https://usn.ubuntu.com/7483-1/","reference_id":"USN-7483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7483-1/"},{"reference_url":"https://usn.ubuntu.com/7484-1/","reference_id":"USN-7484-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7484-1/"},{"reference_url":"https://usn.ubuntu.com/7531-1/","reference_id":"USN-7531-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7531-1/"},{"reference_url":"https://usn.ubuntu.com/7533-1/","reference_id":"USN-7533-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7533-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2025-30691"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y8bc-k5qu-c7f5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31979?format=json","vulnerability_id":"VCID-z356-tw9t-q7bp","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21210","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34648","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34708","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34711","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34672","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34732","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34758","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34636","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34679","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21210"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318524","reference_id":"2318524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318524"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2024-21210"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z356-tw9t-q7bp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68626?format=json","vulnerability_id":"VCID-zkz6-9t74-5bb4","summary":"openjdk: Improve scripting supports (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30761.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30761.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30761","reference_id":"","reference_type":"","scores":[{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34495","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.3439","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34522","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34432","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34462","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40633","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.40614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00188","scoring_system":"epss","scoring_elements":"0.4067","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30761"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376786","reference_id":"2376786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376786"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-18T14:43:46Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10861","reference_id":"RHSA-2025:10861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10862","reference_id":"RHSA-2025:10862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10863","reference_id":"RHSA-2025:10863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10864","reference_id":"RHSA-2025:10864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13675","reference_id":"RHSA-2025:13675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13675"},{"reference_url":"https://usn.ubuntu.com/7667-1/","reference_id":"USN-7667-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7667-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050106?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1060944?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1"}],"aliases":["CVE-2025-30761"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkz6-9t74-5bb4"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76844?format=json","vulnerability_id":"VCID-2tju-1r8k-sbf9","summary":"OpenJDK: C2 compilation fails with \"Exceeded _node_regs array\" (8317507)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21094.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21094.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21094","reference_id":"","reference_type":"","scores":[{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61756","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.617","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.6173","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61701","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.6175","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61766","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61787","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61775","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678","reference_id":"1069678","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275005","reference_id":"2275005","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275005"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1815","reference_id":"RHSA-2024:1815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1816","reference_id":"RHSA-2024:1816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1817","reference_id":"RHSA-2024:1817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1818","reference_id":"RHSA-2024:1818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1819","reference_id":"RHSA-2024:1819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1820","reference_id":"RHSA-2024:1820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1821","reference_id":"RHSA-2024:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1822","reference_id":"RHSA-2024:1822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1823","reference_id":"RHSA-2024:1823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1824","reference_id":"RHSA-2024:1824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1825","reference_id":"RHSA-2024:1825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1826","reference_id":"RHSA-2024:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1828","reference_id":"RHSA-2024:1828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1828"},{"reference_url":"https://usn.ubuntu.com/6810-1/","reference_id":"USN-6810-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6810-1/"},{"reference_url":"https://usn.ubuntu.com/6811-1/","reference_id":"USN-6811-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6811-1/"},{"reference_url":"https://usn.ubuntu.com/6812-1/","reference_id":"USN-6812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6812-1/"},{"reference_url":"https://usn.ubuntu.com/6813-1/","reference_id":"USN-6813-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6813-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-21094"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2tju-1r8k-sbf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34432?format=json","vulnerability_id":"VCID-3tav-ffar-hfhb","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21843","reference_id":"","reference_type":"","scores":[{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30703","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30566","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30561","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30619","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30653","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30658","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30613","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.3075","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160475","reference_id":"2160475","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160475"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0190","reference_id":"RHSA-2023:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0191","reference_id":"RHSA-2023:0191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0191"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0192","reference_id":"RHSA-2023:0192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0193","reference_id":"RHSA-2023:0193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0194","reference_id":"RHSA-2023:0194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0195","reference_id":"RHSA-2023:0195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0196","reference_id":"RHSA-2023:0196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0197","reference_id":"RHSA-2023:0197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0198","reference_id":"RHSA-2023:0198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0199","reference_id":"RHSA-2023:0199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0200","reference_id":"RHSA-2023:0200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0201","reference_id":"RHSA-2023:0201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0202","reference_id":"RHSA-2023:0202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0203","reference_id":"RHSA-2023:0203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0204","reference_id":"RHSA-2023:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0205","reference_id":"RHSA-2023:0205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0206","reference_id":"RHSA-2023:0206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0206"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0207","reference_id":"RHSA-2023:0207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0208","reference_id":"RHSA-2023:0208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0209","reference_id":"RHSA-2023:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0210","reference_id":"RHSA-2023:0210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0352","reference_id":"RHSA-2023:0352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0353","reference_id":"RHSA-2023:0353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0354","reference_id":"RHSA-2023:0354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0387","reference_id":"RHSA-2023:0387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0388","reference_id":"RHSA-2023:0388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0389","reference_id":"RHSA-2023:0389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3136","reference_id":"RHSA-2023:3136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3136"},{"reference_url":"https://usn.ubuntu.com/5897-1/","reference_id":"USN-5897-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5897-1/"},{"reference_url":"https://usn.ubuntu.com/5898-1/","reference_id":"USN-5898-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5898-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-21843"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3tav-ffar-hfhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60300?format=json","vulnerability_id":"VCID-47ae-xdqr-6qgb","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21540","reference_id":"","reference_type":"","scores":[{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6268","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62677","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62728","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62745","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62763","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62752","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108540","reference_id":"2108540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5681","reference_id":"RHSA-2022:5681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5683","reference_id":"RHSA-2022:5683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5684","reference_id":"RHSA-2022:5684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5685","reference_id":"RHSA-2022:5685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5687","reference_id":"RHSA-2022:5687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5695","reference_id":"RHSA-2022:5695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5696","reference_id":"RHSA-2022:5696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5697","reference_id":"RHSA-2022:5697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5698","reference_id":"RHSA-2022:5698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5700","reference_id":"RHSA-2022:5700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5701","reference_id":"RHSA-2022:5701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5709","reference_id":"RHSA-2022:5709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5726","reference_id":"RHSA-2022:5726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5736","reference_id":"RHSA-2022:5736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5753","reference_id":"RHSA-2022:5753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5754","reference_id":"RHSA-2022:5754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5755","reference_id":"RHSA-2022:5755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5756","reference_id":"RHSA-2022:5756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5757","reference_id":"RHSA-2022:5757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5758","reference_id":"RHSA-2022:5758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5758"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"},{"reference_url":"https://usn.ubuntu.com/5546-2/","reference_id":"USN-5546-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037803?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.16%2B8-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-2tju-1r8k-sbf9"},{"vulnerability":"VCID-3tav-ffar-hfhb"},{"vulnerability":"VCID-47ae-xdqr-6qgb"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-5et1-ytak-xqh7"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-76rb-sg3r-bqce"},{"vulnerability":"VCID-8cup-qnc8-wudx"},{"vulnerability":"VCID-8wud-7t2q-xfa3"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-9urr-3gt2-mfhe"},{"vulnerability":"VCID-9uzg-sja9-hkcy"},{"vulnerability":"VCID-a282-ksr4-j3cu"},{"vulnerability":"VCID-a3xk-3wya-s3gm"},{"vulnerability":"VCID-a59u-h67v-yygm"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-dwh6-xw5k-mqg8"},{"vulnerability":"VCID-dyg2-udwy-cud7"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-fau4-ajny-nfbd"},{"vulnerability":"VCID-fhj9-p1gx-c7hp"},{"vulnerability":"VCID-fwk5-wqvn-4qaz"},{"vulnerability":"VCID-fwv1-sj5y-xygd"},{"vulnerability":"VCID-gjgy-dfq7-zfb2"},{"vulnerability":"VCID-h2w2-8e43-j3g6"},{"vulnerability":"VCID-h7n1-qfs3-v3fw"},{"vulnerability":"VCID-htat-fksw-c3gk"},{"vulnerability":"VCID-jm9f-9y4b-qye7"},{"vulnerability":"VCID-jw6x-cntu-nfht"},{"vulnerability":"VCID-jztz-7cuw-t7ep"},{"vulnerability":"VCID-kq78-adbv-67a7"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-n71d-tx76-vbbd"},{"vulnerability":"VCID-nr6u-aysf-7kgk"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-q5gr-6u92-6ybk"},{"vulnerability":"VCID-q9r9-wkqu-6bhu"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-rggy-f3va-mfay"},{"vulnerability":"VCID-t4r8-ujpb-5kdk"},{"vulnerability":"VCID-t5sp-ea5b-f7af"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-um54-6ggz-gqf9"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-wn4r-ugaa-5ydb"},{"vulnerability":"VCID-x4ms-sbj7-aufu"},{"vulnerability":"VCID-xk2v-7cgk-13ex"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zdra-bzqn-4ug9"},{"vulnerability":"VCID-zgpr-3zft-zqgt"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.16%252B8-1~deb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2022-21540"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47ae-xdqr-6qgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74702?format=json","vulnerability_id":"VCID-5et1-ytak-xqh7","summary":"OpenJDK: Excessive symbol length can lead to infinite loop (8319859)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21138","reference_id":"","reference_type":"","scores":[{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.5617","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56165","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56195","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56201","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.5621","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56186","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56144","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297962","reference_id":"2297962","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297962"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2024.html","reference_id":"cpujul2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:32:40Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0008/","reference_id":"ntap-20240719-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:32:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4560","reference_id":"RHSA-2024:4560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4561","reference_id":"RHSA-2024:4561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4562","reference_id":"RHSA-2024:4562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4563","reference_id":"RHSA-2024:4563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4564","reference_id":"RHSA-2024:4564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4565","reference_id":"RHSA-2024:4565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4566","reference_id":"RHSA-2024:4566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4567","reference_id":"RHSA-2024:4567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4568","reference_id":"RHSA-2024:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4569","reference_id":"RHSA-2024:4569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4570","reference_id":"RHSA-2024:4570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4571","reference_id":"RHSA-2024:4571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4572","reference_id":"RHSA-2024:4572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4573","reference_id":"RHSA-2024:4573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4573"},{"reference_url":"https://usn.ubuntu.com/6929-1/","reference_id":"USN-6929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6929-1/"},{"reference_url":"https://usn.ubuntu.com/6930-1/","reference_id":"USN-6930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6930-1/"},{"reference_url":"https://usn.ubuntu.com/6931-1/","reference_id":"USN-6931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6931-1/"},{"reference_url":"https://usn.ubuntu.com/6932-1/","reference_id":"USN-6932-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6932-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-21138"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5et1-ytak-xqh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74699?format=json","vulnerability_id":"VCID-76rb-sg3r-bqce","summary":"OpenJDK: potential UTF8 size overflow (8314794)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21131","reference_id":"","reference_type":"","scores":[{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63286","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63252","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63303","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63321","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63338","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63322","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63258","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63287","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297961","reference_id":"2297961","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297961"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2024.html","reference_id":"cpujul2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0008/","reference_id":"ntap-20240719-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4560","reference_id":"RHSA-2024:4560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4561","reference_id":"RHSA-2024:4561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4562","reference_id":"RHSA-2024:4562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4563","reference_id":"RHSA-2024:4563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4564","reference_id":"RHSA-2024:4564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4565","reference_id":"RHSA-2024:4565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4566","reference_id":"RHSA-2024:4566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4567","reference_id":"RHSA-2024:4567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4568","reference_id":"RHSA-2024:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4569","reference_id":"RHSA-2024:4569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4570","reference_id":"RHSA-2024:4570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4571","reference_id":"RHSA-2024:4571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4572","reference_id":"RHSA-2024:4572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4573","reference_id":"RHSA-2024:4573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4573"},{"reference_url":"https://usn.ubuntu.com/6929-1/","reference_id":"USN-6929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6929-1/"},{"reference_url":"https://usn.ubuntu.com/6930-1/","reference_id":"USN-6930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6930-1/"},{"reference_url":"https://usn.ubuntu.com/6931-1/","reference_id":"USN-6931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6931-1/"},{"reference_url":"https://usn.ubuntu.com/6932-1/","reference_id":"USN-6932-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6932-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-21131"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76rb-sg3r-bqce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31977?format=json","vulnerability_id":"VCID-8cup-qnc8-wudx","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20952","reference_id":"","reference_type":"","scores":[{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55466","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55441","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55465","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55444","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55495","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55505","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55483","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257837","reference_id":"2257837","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257837"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-20952"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8cup-qnc8-wudx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78480?format=json","vulnerability_id":"VCID-8wud-7t2q-xfa3","summary":"OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21968","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23735","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23693","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25179","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25193","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.2515","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25098","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25064","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25134","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187802","reference_id":"2187802","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-21968"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wud-7t2q-xfa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76841?format=json","vulnerability_id":"VCID-9urr-3gt2-mfhe","summary":"OpenJDK: long Exception message leading to crash (8319851)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21011.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21011.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21011","reference_id":"","reference_type":"","scores":[{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.567","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.5668","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56701","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56732","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56736","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56745","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56721","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678","reference_id":"1069678","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274977","reference_id":"2274977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274977"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1815","reference_id":"RHSA-2024:1815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1816","reference_id":"RHSA-2024:1816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1817","reference_id":"RHSA-2024:1817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1818","reference_id":"RHSA-2024:1818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1819","reference_id":"RHSA-2024:1819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1820","reference_id":"RHSA-2024:1820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1821","reference_id":"RHSA-2024:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1822","reference_id":"RHSA-2024:1822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1823","reference_id":"RHSA-2024:1823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1824","reference_id":"RHSA-2024:1824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1825","reference_id":"RHSA-2024:1825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1826","reference_id":"RHSA-2024:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1827","reference_id":"RHSA-2024:1827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1828","reference_id":"RHSA-2024:1828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1828"},{"reference_url":"https://usn.ubuntu.com/6810-1/","reference_id":"USN-6810-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6810-1/"},{"reference_url":"https://usn.ubuntu.com/6811-1/","reference_id":"USN-6811-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6811-1/"},{"reference_url":"https://usn.ubuntu.com/6812-1/","reference_id":"USN-6812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6812-1/"},{"reference_url":"https://usn.ubuntu.com/6813-1/","reference_id":"USN-6813-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6813-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-21011"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9urr-3gt2-mfhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78477?format=json","vulnerability_id":"VCID-9uzg-sja9-hkcy","summary":"OpenJDK: Swing HTML parsing issue (8296832)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21939","reference_id":"","reference_type":"","scores":[{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83001","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83048","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83014","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83012","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83044","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83059","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83053","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187724","reference_id":"2187724","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187724"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-21939"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9uzg-sja9-hkcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31968?format=json","vulnerability_id":"VCID-a282-ksr4-j3cu","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22081","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26849","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26634","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26702","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26753","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26756","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26712","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26655","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243627","reference_id":"2243627","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243627"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5725","reference_id":"RHSA-2023:5725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5726","reference_id":"RHSA-2023:5726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5727","reference_id":"RHSA-2023:5727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5728","reference_id":"RHSA-2023:5728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5729","reference_id":"RHSA-2023:5729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5730","reference_id":"RHSA-2023:5730","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5731","reference_id":"RHSA-2023:5731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5732","reference_id":"RHSA-2023:5732","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5732"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5733","reference_id":"RHSA-2023:5733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5734","reference_id":"RHSA-2023:5734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5735","reference_id":"RHSA-2023:5735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5736","reference_id":"RHSA-2023:5736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5737","reference_id":"RHSA-2023:5737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5739","reference_id":"RHSA-2023:5739","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5740","reference_id":"RHSA-2023:5740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5741","reference_id":"RHSA-2023:5741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5742","reference_id":"RHSA-2023:5742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5743","reference_id":"RHSA-2023:5743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5744","reference_id":"RHSA-2023:5744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5745","reference_id":"RHSA-2023:5745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5746","reference_id":"RHSA-2023:5746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5747","reference_id":"RHSA-2023:5747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5750","reference_id":"RHSA-2023:5750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5751","reference_id":"RHSA-2023:5751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5752","reference_id":"RHSA-2023:5752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5753","reference_id":"RHSA-2023:5753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5761","reference_id":"RHSA-2023:5761","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5761"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6738","reference_id":"RHSA-2023:6738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6887","reference_id":"RHSA-2023:6887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0866","reference_id":"RHSA-2024:0866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0879","reference_id":"RHSA-2024:0879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0879"},{"reference_url":"https://usn.ubuntu.com/6527-1/","reference_id":"USN-6527-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6527-1/"},{"reference_url":"https://usn.ubuntu.com/6528-1/","reference_id":"USN-6528-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6528-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-22081"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a282-ksr4-j3cu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34431?format=json","vulnerability_id":"VCID-a3xk-3wya-s3gm","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21835","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23206","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.2325","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23039","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23112","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23165","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23185","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23147","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23089","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160421","reference_id":"2160421","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160421"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0190","reference_id":"RHSA-2023:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0191","reference_id":"RHSA-2023:0191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0191"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0192","reference_id":"RHSA-2023:0192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0193","reference_id":"RHSA-2023:0193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0194","reference_id":"RHSA-2023:0194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0195","reference_id":"RHSA-2023:0195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0196","reference_id":"RHSA-2023:0196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0197","reference_id":"RHSA-2023:0197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0198","reference_id":"RHSA-2023:0198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0199","reference_id":"RHSA-2023:0199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0200","reference_id":"RHSA-2023:0200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0201","reference_id":"RHSA-2023:0201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0202","reference_id":"RHSA-2023:0202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0352","reference_id":"RHSA-2023:0352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0353","reference_id":"RHSA-2023:0353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0388","reference_id":"RHSA-2023:0388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0389","reference_id":"RHSA-2023:0389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0389"},{"reference_url":"https://usn.ubuntu.com/5897-1/","reference_id":"USN-5897-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5897-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-21835"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a3xk-3wya-s3gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31962?format=json","vulnerability_id":"VCID-a59u-h67v-yygm","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22041","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22241","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22289","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22073","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22154","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22208","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22229","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22188","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22128","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2223207","reference_id":"2223207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2223207"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-22041"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a59u-h67v-yygm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78479?format=json","vulnerability_id":"VCID-dwh6-xw5k-mqg8","summary":"OpenJDK: missing string checks for NULL characters (8296622)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21937","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25149","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24993","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25188","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25073","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25087","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25047","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187790","reference_id":"2187790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187790"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-21937"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dwh6-xw5k-mqg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31965?format=json","vulnerability_id":"VCID-dyg2-udwy-cud7","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22045","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36098","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36104","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36066","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3603","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3608","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42145","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42172","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221645","reference_id":"2221645","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221645"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4166","reference_id":"RHSA-2023:4166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4167","reference_id":"RHSA-2023:4167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4168","reference_id":"RHSA-2023:4168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4172","reference_id":"RHSA-2023:4172","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4172"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4173","reference_id":"RHSA-2023:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4174","reference_id":"RHSA-2023:4174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4176","reference_id":"RHSA-2023:4176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4178","reference_id":"RHSA-2023:4178","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4178"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4209","reference_id":"RHSA-2023:4209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4212","reference_id":"RHSA-2023:4212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-22045"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dyg2-udwy-cud7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31971?format=json","vulnerability_id":"VCID-fau4-ajny-nfbd","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20921","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40536","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40563","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40574","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40556","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40564","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40592","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40513","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257859","reference_id":"2257859","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257859"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-20921"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fau4-ajny-nfbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78475?format=json","vulnerability_id":"VCID-fhj9-p1gx-c7hp","summary":"OpenJDK: incorrect enqueue of references in garbage collector (8298191)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21954","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15167","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15357","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15161","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15249","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1527","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15232","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187441","reference_id":"2187441","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187441"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-21954"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fhj9-p1gx-c7hp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31974?format=json","vulnerability_id":"VCID-fwk5-wqvn-4qaz","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20926","reference_id":"","reference_type":"","scores":[{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43651","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43665","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.4369","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43625","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43676","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.4368","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.437","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43668","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257850","reference_id":"2257850","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257850"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-20926"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwk5-wqvn-4qaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34425?format=json","vulnerability_id":"VCID-fwv1-sj5y-xygd","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21619.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21619.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21619","reference_id":"","reference_type":"","scores":[{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49517","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49544","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49551","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49546","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49563","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49535","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49537","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133745","reference_id":"2133745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133745"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6999","reference_id":"RHSA-2022:6999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7000","reference_id":"RHSA-2022:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7001","reference_id":"RHSA-2022:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7002","reference_id":"RHSA-2022:7002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7003","reference_id":"RHSA-2022:7003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7004","reference_id":"RHSA-2022:7004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7005","reference_id":"RHSA-2022:7005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7006","reference_id":"RHSA-2022:7006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7007","reference_id":"RHSA-2022:7007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7008","reference_id":"RHSA-2022:7008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7009","reference_id":"RHSA-2022:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7010","reference_id":"RHSA-2022:7010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7011","reference_id":"RHSA-2022:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7012","reference_id":"RHSA-2022:7012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7013","reference_id":"RHSA-2022:7013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7049","reference_id":"RHSA-2022:7049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7050","reference_id":"RHSA-2022:7050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7051","reference_id":"RHSA-2022:7051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7052","reference_id":"RHSA-2022:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7053","reference_id":"RHSA-2022:7053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7054","reference_id":"RHSA-2022:7054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8880","reference_id":"RHSA-2022:8880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0128","reference_id":"RHSA-2023:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0128"},{"reference_url":"https://usn.ubuntu.com/5719-1/","reference_id":"USN-5719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5719-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2022-21619"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwv1-sj5y-xygd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31966?format=json","vulnerability_id":"VCID-gjgy-dfq7-zfb2","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22049","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20289","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20363","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20392","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20347","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20223","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20303","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24864","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24903","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221647","reference_id":"2221647","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221647"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4166","reference_id":"RHSA-2023:4166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4167","reference_id":"RHSA-2023:4167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4168","reference_id":"RHSA-2023:4168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4172","reference_id":"RHSA-2023:4172","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4172"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4173","reference_id":"RHSA-2023:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4174","reference_id":"RHSA-2023:4174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4176","reference_id":"RHSA-2023:4176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4178","reference_id":"RHSA-2023:4178","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4178"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4209","reference_id":"RHSA-2023:4209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4212","reference_id":"RHSA-2023:4212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4876","reference_id":"RHSA-2023:4876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4877","reference_id":"RHSA-2023:4877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4877"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-22049"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gjgy-dfq7-zfb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34426?format=json","vulnerability_id":"VCID-h2w2-8e43-j3g6","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21624.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21624.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21624","reference_id":"","reference_type":"","scores":[{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42206","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42234","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42175","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42226","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42257","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.4222","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42192","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133765","reference_id":"2133765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133765"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6999","reference_id":"RHSA-2022:6999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7000","reference_id":"RHSA-2022:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7001","reference_id":"RHSA-2022:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7002","reference_id":"RHSA-2022:7002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7003","reference_id":"RHSA-2022:7003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7004","reference_id":"RHSA-2022:7004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7005","reference_id":"RHSA-2022:7005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7006","reference_id":"RHSA-2022:7006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7007","reference_id":"RHSA-2022:7007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7008","reference_id":"RHSA-2022:7008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7009","reference_id":"RHSA-2022:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7010","reference_id":"RHSA-2022:7010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7011","reference_id":"RHSA-2022:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7012","reference_id":"RHSA-2022:7012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7013","reference_id":"RHSA-2022:7013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7049","reference_id":"RHSA-2022:7049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7050","reference_id":"RHSA-2022:7050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7051","reference_id":"RHSA-2022:7051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7052","reference_id":"RHSA-2022:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7053","reference_id":"RHSA-2022:7053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7054","reference_id":"RHSA-2022:7054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8880","reference_id":"RHSA-2022:8880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0128","reference_id":"RHSA-2023:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0128"},{"reference_url":"https://usn.ubuntu.com/5719-1/","reference_id":"USN-5719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5719-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2022-21624"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h2w2-8e43-j3g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76840?format=json","vulnerability_id":"VCID-h7n1-qfs3-v3fw","summary":"OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21012.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21012.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21012","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3498","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35055","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35082","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34962","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35007","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35036","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3504","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35004","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274975","reference_id":"2274975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274975"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1819","reference_id":"RHSA-2024:1819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1820","reference_id":"RHSA-2024:1820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1821","reference_id":"RHSA-2024:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1822","reference_id":"RHSA-2024:1822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1823","reference_id":"RHSA-2024:1823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1824","reference_id":"RHSA-2024:1824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1825","reference_id":"RHSA-2024:1825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1826","reference_id":"RHSA-2024:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1827","reference_id":"RHSA-2024:1827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1828","reference_id":"RHSA-2024:1828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1828"},{"reference_url":"https://usn.ubuntu.com/6811-1/","reference_id":"USN-6811-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6811-1/"},{"reference_url":"https://usn.ubuntu.com/6812-1/","reference_id":"USN-6812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6812-1/"},{"reference_url":"https://usn.ubuntu.com/6813-1/","reference_id":"USN-6813-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6813-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-21012"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h7n1-qfs3-v3fw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76842?format=json","vulnerability_id":"VCID-htat-fksw-c3gk","summary":"OpenJDK: Pack200 excessive memory allocation (8322114)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21085.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21085.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21085","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29114","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29238","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29288","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29103","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29166","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29207","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29213","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678","reference_id":"1069678","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275001","reference_id":"2275001","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275001"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:35:49Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:35:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:35:49Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1815","reference_id":"RHSA-2024:1815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1816","reference_id":"RHSA-2024:1816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1817","reference_id":"RHSA-2024:1817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1818","reference_id":"RHSA-2024:1818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1819","reference_id":"RHSA-2024:1819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1820","reference_id":"RHSA-2024:1820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1821","reference_id":"RHSA-2024:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1822","reference_id":"RHSA-2024:1822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1822"},{"reference_url":"https://usn.ubuntu.com/6810-1/","reference_id":"USN-6810-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6810-1/"},{"reference_url":"https://usn.ubuntu.com/6811-1/","reference_id":"USN-6811-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6811-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-21085"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-htat-fksw-c3gk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34429?format=json","vulnerability_id":"VCID-jm9f-9y4b-qye7","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39399.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39399.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39399","reference_id":"","reference_type":"","scores":[{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52035","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52061","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52027","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52081","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52077","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52129","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52113","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52098","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133776","reference_id":"2133776","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133776"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6999","reference_id":"RHSA-2022:6999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7000","reference_id":"RHSA-2022:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7001","reference_id":"RHSA-2022:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7008","reference_id":"RHSA-2022:7008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7009","reference_id":"RHSA-2022:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7010","reference_id":"RHSA-2022:7010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7011","reference_id":"RHSA-2022:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7012","reference_id":"RHSA-2022:7012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7013","reference_id":"RHSA-2022:7013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7051","reference_id":"RHSA-2022:7051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7052","reference_id":"RHSA-2022:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7053","reference_id":"RHSA-2022:7053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7054","reference_id":"RHSA-2022:7054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7054"},{"reference_url":"https://usn.ubuntu.com/5719-1/","reference_id":"USN-5719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5719-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2022-39399"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jm9f-9y4b-qye7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31960?format=json","vulnerability_id":"VCID-jw6x-cntu-nfht","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22036","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26986","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.27022","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26812","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26881","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26928","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26932","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26888","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26831","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221634","reference_id":"2221634","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221634"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-22036"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jw6x-cntu-nfht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31976?format=json","vulnerability_id":"VCID-jztz-7cuw-t7ep","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20945","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12193","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1226","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12267","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12229","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12285","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12331","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1213","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12211","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257874","reference_id":"2257874","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257874"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-20945"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jztz-7cuw-t7ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78474?format=json","vulnerability_id":"VCID-kq78-adbv-67a7","summary":"OpenJDK: improper connection handling during TLS handshake (8294474)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21930","reference_id":"","reference_type":"","scores":[{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36214","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36276","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36239","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36941","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36908","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36839","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36824","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36774","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187435","reference_id":"2187435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187435"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-21930"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kq78-adbv-67a7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74710?format=json","vulnerability_id":"VCID-n71d-tx76-vbbd","summary":"OpenJDK: Out-of-bounds access in 2D image handling (8324559)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21145.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21145.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21145","reference_id":"","reference_type":"","scores":[{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.6363","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63636","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63595","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63647","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63663","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63678","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63609","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297976","reference_id":"2297976","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297976"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2024.html","reference_id":"cpujul2024.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:58:12Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0008/","reference_id":"ntap-20240719-0008","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:58:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4560","reference_id":"RHSA-2024:4560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4561","reference_id":"RHSA-2024:4561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4562","reference_id":"RHSA-2024:4562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4563","reference_id":"RHSA-2024:4563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4564","reference_id":"RHSA-2024:4564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4565","reference_id":"RHSA-2024:4565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4566","reference_id":"RHSA-2024:4566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4567","reference_id":"RHSA-2024:4567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4568","reference_id":"RHSA-2024:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4569","reference_id":"RHSA-2024:4569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4570","reference_id":"RHSA-2024:4570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4571","reference_id":"RHSA-2024:4571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4572","reference_id":"RHSA-2024:4572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4573","reference_id":"RHSA-2024:4573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4573"},{"reference_url":"https://usn.ubuntu.com/6929-1/","reference_id":"USN-6929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6929-1/"},{"reference_url":"https://usn.ubuntu.com/6930-1/","reference_id":"USN-6930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6930-1/"},{"reference_url":"https://usn.ubuntu.com/6931-1/","reference_id":"USN-6931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6931-1/"},{"reference_url":"https://usn.ubuntu.com/6932-1/","reference_id":"USN-6932-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6932-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-21145"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n71d-tx76-vbbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31970?format=json","vulnerability_id":"VCID-nr6u-aysf-7kgk","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20919","reference_id":"","reference_type":"","scores":[{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38237","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38255","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.3822","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38286","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38309","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38178","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38228","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257853","reference_id":"2257853","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257853"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-20919"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nr6u-aysf-7kgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78478?format=json","vulnerability_id":"VCID-q5gr-6u92-6ybk","summary":"OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21938","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25149","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24993","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25188","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25073","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25087","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25047","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187758","reference_id":"2187758","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187758"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-21938"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q5gr-6u92-6ybk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74709?format=json","vulnerability_id":"VCID-q9r9-wkqu-6bhu","summary":"OpenJDK: Pack200 increase loading time due to improper header validation (8322106)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21144.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21144","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14775","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14764","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14855","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14909","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.1487","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14833","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14886","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14962","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297964","reference_id":"2297964","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297964"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2024.html","reference_id":"cpujul2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T14:20:24Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0007/","reference_id":"ntap-20240719-0007","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T14:20:24Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4560","reference_id":"RHSA-2024:4560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4561","reference_id":"RHSA-2024:4561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4562","reference_id":"RHSA-2024:4562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4563","reference_id":"RHSA-2024:4563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4564","reference_id":"RHSA-2024:4564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4565","reference_id":"RHSA-2024:4565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4566","reference_id":"RHSA-2024:4566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4567","reference_id":"RHSA-2024:4567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4567"},{"reference_url":"https://usn.ubuntu.com/6929-1/","reference_id":"USN-6929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6929-1/"},{"reference_url":"https://usn.ubuntu.com/6930-1/","reference_id":"USN-6930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6930-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-21144"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q9r9-wkqu-6bhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53969?format=json","vulnerability_id":"VCID-rfs8-njaq-qkc8","summary":"Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets\nThe Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.\n\nA fix for this issue was published in September 2022 as part of an anticipated 2.7.3 release.","references":[{"reference_url":"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34169","reference_id":"","reference_type":"","scores":[{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91212","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91206","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91199","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91186","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91216","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91215","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08992","scoring_system":"epss","scoring_elements":"0.92592","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08992","scoring_system":"epss","scoring_elements":"0.92585","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git"},{"reference_url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81"},{"reference_url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573"},{"reference_url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21"},{"reference_url":"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw"},{"reference_url":"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8"},{"reference_url":"https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34169","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34169"},{"reference_url":"https://security.gentoo.org/glsa/202401-25","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202401-25"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0009","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220729-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006"},{"reference_url":"https://www.debian.org/security/2022/dsa-5188","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5188"},{"reference_url":"https://www.debian.org/security/2022/dsa-5192","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5192"},{"reference_url":"https://www.debian.org/security/2022/dsa-5256","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5256"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://xalan.apache.org","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://xalan.apache.org"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/07/19/5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/07/19/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/07/19/6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/07/19/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/07/20/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/07/20/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/07/20/3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/07/20/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/10/18/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/10/18/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/04/8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/04/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/07/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/07/2"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860","reference_id":"1015860","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108554","reference_id":"2108554","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108554"},{"reference_url":"https://github.com/advisories/GHSA-9339-86wc-4qgf","reference_id":"GHSA-9339-86wc-4qgf","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9339-86wc-4qgf"},{"reference_url":"https://security.gentoo.org/glsa/202405-16","reference_id":"GLSA-202405-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5681","reference_id":"RHSA-2022:5681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5683","reference_id":"RHSA-2022:5683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5684","reference_id":"RHSA-2022:5684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5685","reference_id":"RHSA-2022:5685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5687","reference_id":"RHSA-2022:5687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5695","reference_id":"RHSA-2022:5695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5696","reference_id":"RHSA-2022:5696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5697","reference_id":"RHSA-2022:5697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5698","reference_id":"RHSA-2022:5698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5700","reference_id":"RHSA-2022:5700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5701","reference_id":"RHSA-2022:5701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5709","reference_id":"RHSA-2022:5709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5726","reference_id":"RHSA-2022:5726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5736","reference_id":"RHSA-2022:5736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5753","reference_id":"RHSA-2022:5753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5754","reference_id":"RHSA-2022:5754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5755","reference_id":"RHSA-2022:5755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5756","reference_id":"RHSA-2022:5756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5757","reference_id":"RHSA-2022:5757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5758","reference_id":"RHSA-2022:5758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5758"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3708","reference_id":"RHSA-2024:3708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3708"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"},{"reference_url":"https://usn.ubuntu.com/5546-2/","reference_id":"USN-5546-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037803?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.16%2B8-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-2tju-1r8k-sbf9"},{"vulnerability":"VCID-3tav-ffar-hfhb"},{"vulnerability":"VCID-47ae-xdqr-6qgb"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-5et1-ytak-xqh7"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-76rb-sg3r-bqce"},{"vulnerability":"VCID-8cup-qnc8-wudx"},{"vulnerability":"VCID-8wud-7t2q-xfa3"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-9urr-3gt2-mfhe"},{"vulnerability":"VCID-9uzg-sja9-hkcy"},{"vulnerability":"VCID-a282-ksr4-j3cu"},{"vulnerability":"VCID-a3xk-3wya-s3gm"},{"vulnerability":"VCID-a59u-h67v-yygm"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-dwh6-xw5k-mqg8"},{"vulnerability":"VCID-dyg2-udwy-cud7"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-fau4-ajny-nfbd"},{"vulnerability":"VCID-fhj9-p1gx-c7hp"},{"vulnerability":"VCID-fwk5-wqvn-4qaz"},{"vulnerability":"VCID-fwv1-sj5y-xygd"},{"vulnerability":"VCID-gjgy-dfq7-zfb2"},{"vulnerability":"VCID-h2w2-8e43-j3g6"},{"vulnerability":"VCID-h7n1-qfs3-v3fw"},{"vulnerability":"VCID-htat-fksw-c3gk"},{"vulnerability":"VCID-jm9f-9y4b-qye7"},{"vulnerability":"VCID-jw6x-cntu-nfht"},{"vulnerability":"VCID-jztz-7cuw-t7ep"},{"vulnerability":"VCID-kq78-adbv-67a7"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-n71d-tx76-vbbd"},{"vulnerability":"VCID-nr6u-aysf-7kgk"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-q5gr-6u92-6ybk"},{"vulnerability":"VCID-q9r9-wkqu-6bhu"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-rggy-f3va-mfay"},{"vulnerability":"VCID-t4r8-ujpb-5kdk"},{"vulnerability":"VCID-t5sp-ea5b-f7af"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-um54-6ggz-gqf9"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-wn4r-ugaa-5ydb"},{"vulnerability":"VCID-x4ms-sbj7-aufu"},{"vulnerability":"VCID-xk2v-7cgk-13ex"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zdra-bzqn-4ug9"},{"vulnerability":"VCID-zgpr-3zft-zqgt"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.16%252B8-1~deb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2022-34169","GHSA-9339-86wc-4qgf"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rfs8-njaq-qkc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74713?format=json","vulnerability_id":"VCID-rggy-f3va-mfay","summary":"OpenJDK: RangeCheckElimination array index overflow (8323231)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21147","reference_id":"","reference_type":"","scores":[{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.7248","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72434","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72472","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72485","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72508","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.7249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.7244","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72458","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297977","reference_id":"2297977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297977"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2024.html","reference_id":"cpujul2024.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T13:58:31Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0008/","reference_id":"ntap-20240719-0008","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T13:58:31Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4560","reference_id":"RHSA-2024:4560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4561","reference_id":"RHSA-2024:4561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4562","reference_id":"RHSA-2024:4562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4563","reference_id":"RHSA-2024:4563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4564","reference_id":"RHSA-2024:4564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4565","reference_id":"RHSA-2024:4565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4566","reference_id":"RHSA-2024:4566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4567","reference_id":"RHSA-2024:4567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4568","reference_id":"RHSA-2024:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4569","reference_id":"RHSA-2024:4569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4570","reference_id":"RHSA-2024:4570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4571","reference_id":"RHSA-2024:4571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4572","reference_id":"RHSA-2024:4572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4573","reference_id":"RHSA-2024:4573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4573"},{"reference_url":"https://usn.ubuntu.com/6929-1/","reference_id":"USN-6929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6929-1/"},{"reference_url":"https://usn.ubuntu.com/6930-1/","reference_id":"USN-6930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6930-1/"},{"reference_url":"https://usn.ubuntu.com/6931-1/","reference_id":"USN-6931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6931-1/"},{"reference_url":"https://usn.ubuntu.com/6932-1/","reference_id":"USN-6932-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6932-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-21147"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rggy-f3va-mfay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60301?format=json","vulnerability_id":"VCID-t4r8-ujpb-5kdk","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21541","reference_id":"","reference_type":"","scores":[{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60711","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60741","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60706","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60755","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.6077","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60795","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60781","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108543","reference_id":"2108543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108543"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/","reference_id":"H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/","reference_id":"I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/","reference_id":"JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/","reference_id":"KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/","reference_id":"L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0009/","reference_id":"ntap-20220729-0009","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220729-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5681","reference_id":"RHSA-2022:5681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5683","reference_id":"RHSA-2022:5683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5684","reference_id":"RHSA-2022:5684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5685","reference_id":"RHSA-2022:5685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5687","reference_id":"RHSA-2022:5687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5695","reference_id":"RHSA-2022:5695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5696","reference_id":"RHSA-2022:5696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5697","reference_id":"RHSA-2022:5697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5698","reference_id":"RHSA-2022:5698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5700","reference_id":"RHSA-2022:5700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5701","reference_id":"RHSA-2022:5701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5709","reference_id":"RHSA-2022:5709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5726","reference_id":"RHSA-2022:5726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5736","reference_id":"RHSA-2022:5736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5753","reference_id":"RHSA-2022:5753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5754","reference_id":"RHSA-2022:5754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5755","reference_id":"RHSA-2022:5755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5756","reference_id":"RHSA-2022:5756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5757","reference_id":"RHSA-2022:5757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5758","reference_id":"RHSA-2022:5758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5758"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"},{"reference_url":"https://usn.ubuntu.com/5546-2/","reference_id":"USN-5546-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/","reference_id":"YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037803?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.16%2B8-1~deb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-2tju-1r8k-sbf9"},{"vulnerability":"VCID-3tav-ffar-hfhb"},{"vulnerability":"VCID-47ae-xdqr-6qgb"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-5et1-ytak-xqh7"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-76rb-sg3r-bqce"},{"vulnerability":"VCID-8cup-qnc8-wudx"},{"vulnerability":"VCID-8wud-7t2q-xfa3"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-9urr-3gt2-mfhe"},{"vulnerability":"VCID-9uzg-sja9-hkcy"},{"vulnerability":"VCID-a282-ksr4-j3cu"},{"vulnerability":"VCID-a3xk-3wya-s3gm"},{"vulnerability":"VCID-a59u-h67v-yygm"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-dwh6-xw5k-mqg8"},{"vulnerability":"VCID-dyg2-udwy-cud7"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-fau4-ajny-nfbd"},{"vulnerability":"VCID-fhj9-p1gx-c7hp"},{"vulnerability":"VCID-fwk5-wqvn-4qaz"},{"vulnerability":"VCID-fwv1-sj5y-xygd"},{"vulnerability":"VCID-gjgy-dfq7-zfb2"},{"vulnerability":"VCID-h2w2-8e43-j3g6"},{"vulnerability":"VCID-h7n1-qfs3-v3fw"},{"vulnerability":"VCID-htat-fksw-c3gk"},{"vulnerability":"VCID-jm9f-9y4b-qye7"},{"vulnerability":"VCID-jw6x-cntu-nfht"},{"vulnerability":"VCID-jztz-7cuw-t7ep"},{"vulnerability":"VCID-kq78-adbv-67a7"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-n71d-tx76-vbbd"},{"vulnerability":"VCID-nr6u-aysf-7kgk"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-q5gr-6u92-6ybk"},{"vulnerability":"VCID-q9r9-wkqu-6bhu"},{"vulnerability":"VCID-rfs8-njaq-qkc8"},{"vulnerability":"VCID-rggy-f3va-mfay"},{"vulnerability":"VCID-t4r8-ujpb-5kdk"},{"vulnerability":"VCID-t5sp-ea5b-f7af"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-um54-6ggz-gqf9"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-wn4r-ugaa-5ydb"},{"vulnerability":"VCID-x4ms-sbj7-aufu"},{"vulnerability":"VCID-xk2v-7cgk-13ex"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zdra-bzqn-4ug9"},{"vulnerability":"VCID-zgpr-3zft-zqgt"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.16%252B8-1~deb10u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2022-21541"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4r8-ujpb-5kdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34427?format=json","vulnerability_id":"VCID-t5sp-ea5b-f7af","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21626.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21626.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21626","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47467","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47488","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47437","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47492","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.4749","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47511","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47487","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47494","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133753","reference_id":"2133753","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133753"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6999","reference_id":"RHSA-2022:6999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7000","reference_id":"RHSA-2022:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7001","reference_id":"RHSA-2022:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7002","reference_id":"RHSA-2022:7002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7003","reference_id":"RHSA-2022:7003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7004","reference_id":"RHSA-2022:7004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7005","reference_id":"RHSA-2022:7005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7006","reference_id":"RHSA-2022:7006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7007","reference_id":"RHSA-2022:7007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7008","reference_id":"RHSA-2022:7008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7009","reference_id":"RHSA-2022:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7010","reference_id":"RHSA-2022:7010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7011","reference_id":"RHSA-2022:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7012","reference_id":"RHSA-2022:7012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7013","reference_id":"RHSA-2022:7013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7049","reference_id":"RHSA-2022:7049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7050","reference_id":"RHSA-2022:7050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7051","reference_id":"RHSA-2022:7051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7052","reference_id":"RHSA-2022:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7053","reference_id":"RHSA-2022:7053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7054","reference_id":"RHSA-2022:7054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8880","reference_id":"RHSA-2022:8880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0128","reference_id":"RHSA-2023:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0128"},{"reference_url":"https://usn.ubuntu.com/5719-1/","reference_id":"USN-5719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5719-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2022-21626"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t5sp-ea5b-f7af"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34428?format=json","vulnerability_id":"VCID-um54-6ggz-gqf9","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21628.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21628.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21628","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48077","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48105","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48098","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48048","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48101","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48096","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48119","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48094","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133769","reference_id":"2133769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133769"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/","reference_id":"37QDWJBGEPP65X43NXQTXQ7KASLUHON6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/","reference_id":"3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/","reference_id":"3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/","reference_id":"EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/","reference_id":"HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221028-0012/","reference_id":"ntap-20221028-0012","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221028-0012/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/","reference_id":"PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6999","reference_id":"RHSA-2022:6999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7000","reference_id":"RHSA-2022:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7001","reference_id":"RHSA-2022:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7002","reference_id":"RHSA-2022:7002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7003","reference_id":"RHSA-2022:7003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7004","reference_id":"RHSA-2022:7004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7005","reference_id":"RHSA-2022:7005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7006","reference_id":"RHSA-2022:7006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7007","reference_id":"RHSA-2022:7007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7008","reference_id":"RHSA-2022:7008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7009","reference_id":"RHSA-2022:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7010","reference_id":"RHSA-2022:7010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7011","reference_id":"RHSA-2022:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7012","reference_id":"RHSA-2022:7012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7013","reference_id":"RHSA-2022:7013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7049","reference_id":"RHSA-2022:7049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7050","reference_id":"RHSA-2022:7050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7051","reference_id":"RHSA-2022:7051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7052","reference_id":"RHSA-2022:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7053","reference_id":"RHSA-2022:7053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7054","reference_id":"RHSA-2022:7054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8880","reference_id":"RHSA-2022:8880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0128","reference_id":"RHSA-2023:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0128"},{"reference_url":"https://usn.ubuntu.com/5719-1/","reference_id":"USN-5719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5719-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2022-21628"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-um54-6ggz-gqf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31969?format=json","vulnerability_id":"VCID-wn4r-ugaa-5ydb","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20918","reference_id":"","reference_type":"","scores":[{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46944","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46923","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4694","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46888","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46942","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46963","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46936","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257728","reference_id":"2257728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257728"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-20918"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wn4r-ugaa-5ydb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31957?format=json","vulnerability_id":"VCID-x4ms-sbj7-aufu","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22006","reference_id":"","reference_type":"","scores":[{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35272","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.353","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35226","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35251","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35255","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3522","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35196","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221626","reference_id":"2221626","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221626"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-22006"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x4ms-sbj7-aufu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78476?format=json","vulnerability_id":"VCID-xk2v-7cgk-13ex","summary":"OpenJDK: certificate validation issue in TLS session negotiation (8298310)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21967","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2175","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21607","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21556","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21691","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21702","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21664","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187704","reference_id":"2187704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187704"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2023-21967"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xk2v-7cgk-13ex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76843?format=json","vulnerability_id":"VCID-zdra-bzqn-4ug9","summary":"OpenJDK: integer overflow in C1 compiler address generation (8322122)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21068.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21068.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21068","reference_id":"","reference_type":"","scores":[{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67616","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67576","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67597","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67575","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67627","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.6764","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67663","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67648","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678","reference_id":"1069678","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275003","reference_id":"2275003","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275003"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1815","reference_id":"RHSA-2024:1815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1816","reference_id":"RHSA-2024:1816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1817","reference_id":"RHSA-2024:1817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1818","reference_id":"RHSA-2024:1818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1819","reference_id":"RHSA-2024:1819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1820","reference_id":"RHSA-2024:1820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1821","reference_id":"RHSA-2024:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1822","reference_id":"RHSA-2024:1822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1823","reference_id":"RHSA-2024:1823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1824","reference_id":"RHSA-2024:1824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1825","reference_id":"RHSA-2024:1825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1826","reference_id":"RHSA-2024:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1827","reference_id":"RHSA-2024:1827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1828","reference_id":"RHSA-2024:1828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1828"},{"reference_url":"https://usn.ubuntu.com/6810-1/","reference_id":"USN-6810-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6810-1/"},{"reference_url":"https://usn.ubuntu.com/6811-1/","reference_id":"USN-6811-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6811-1/"},{"reference_url":"https://usn.ubuntu.com/6812-1/","reference_id":"USN-6812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6812-1/"},{"reference_url":"https://usn.ubuntu.com/6813-1/","reference_id":"USN-6813-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6813-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-21068"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zdra-bzqn-4ug9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74707?format=json","vulnerability_id":"VCID-zgpr-3zft-zqgt","summary":"OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21140.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21140","reference_id":"","reference_type":"","scores":[{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68526","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68475","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68525","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68543","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68569","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68556","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68479","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68498","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297963","reference_id":"2297963","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297963"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2024.html","reference_id":"cpujul2024.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:27:50Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0008/","reference_id":"ntap-20240719-0008","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:27:50Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4560","reference_id":"RHSA-2024:4560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4561","reference_id":"RHSA-2024:4561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4562","reference_id":"RHSA-2024:4562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4563","reference_id":"RHSA-2024:4563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4564","reference_id":"RHSA-2024:4564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4565","reference_id":"RHSA-2024:4565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4566","reference_id":"RHSA-2024:4566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4567","reference_id":"RHSA-2024:4567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4568","reference_id":"RHSA-2024:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4569","reference_id":"RHSA-2024:4569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4570","reference_id":"RHSA-2024:4570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4571","reference_id":"RHSA-2024:4571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4572","reference_id":"RHSA-2024:4572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4573","reference_id":"RHSA-2024:4573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4573"},{"reference_url":"https://usn.ubuntu.com/6929-1/","reference_id":"USN-6929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6929-1/"},{"reference_url":"https://usn.ubuntu.com/6930-1/","reference_id":"USN-6930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6930-1/"},{"reference_url":"https://usn.ubuntu.com/6931-1/","reference_id":"USN-6931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6931-1/"},{"reference_url":"https://usn.ubuntu.com/6932-1/","reference_id":"USN-6932-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6932-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049131?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11vj-5zz4-6fe7"},{"vulnerability":"VCID-13t7-vubq-8kae"},{"vulnerability":"VCID-4snj-etwf-eqe8"},{"vulnerability":"VCID-6196-gvhx-ruh8"},{"vulnerability":"VCID-9n5v-4daz-eyc2"},{"vulnerability":"VCID-apsn-z1br-3bdy"},{"vulnerability":"VCID-b32x-4pu4-jkh4"},{"vulnerability":"VCID-duy9-6f1p-vqah"},{"vulnerability":"VCID-e6dm-6767-9kdk"},{"vulnerability":"VCID-mt9c-tby1-wqe9"},{"vulnerability":"VCID-ntga-y6cv-a3df"},{"vulnerability":"VCID-nxx8-nehy-qyhg"},{"vulnerability":"VCID-p9na-7jta-9yg4"},{"vulnerability":"VCID-u81s-cs95-4yhx"},{"vulnerability":"VCID-vbw8-4j9f-eya5"},{"vulnerability":"VCID-vpnc-yu7r-bqb6"},{"vulnerability":"VCID-y8bc-k5qu-c7f5"},{"vulnerability":"VCID-z356-tw9t-q7bp"},{"vulnerability":"VCID-zkz6-9t74-5bb4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}],"aliases":["CVE-2024-21140"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgpr-3zft-zqgt"}],"risk_score":"3.9","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1"}