{"url":"http://public2.vulnerablecode.io/api/packages/326478?format=json","purl":"pkg:apk/alpine/openjdk8@8.372.07-r0?arch=armhf&distroversion=v3.22&reponame=community","type":"apk","namespace":"alpine","name":"openjdk8","version":"8.372.07-r0","qualifiers":{"arch":"armhf","distroversion":"v3.22","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"8.382.05-r0","latest_non_vulnerable_version":"8.452.09-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96436?format=json","vulnerability_id":"VCID-8fy5-u3g9-yuhy","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking).  Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and  22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21937","reference_id":"","reference_type":"","scores":[{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27159","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27091","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27224","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27171","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27132","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27082","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187790","reference_id":"2187790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187790"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006/","reference_id":"ntap-20240621-0006","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/326478?format=json","purl":"pkg:apk/alpine/openjdk8@8.372.07-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.372.07-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2023-21937"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8fy5-u3g9-yuhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96440?format=json","vulnerability_id":"VCID-eccq-rjg6-wfgd","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE).  Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and  22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21967","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23695","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23681","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2379","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23776","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2373","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23676","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187704","reference_id":"2187704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187704"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006/","reference_id":"ntap-20240621-0006","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/326478?format=json","purl":"pkg:apk/alpine/openjdk8@8.372.07-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.372.07-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2023-21967"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eccq-rjg6-wfgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96435?format=json","vulnerability_id":"VCID-h698-fsc4-wydx","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE).  Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and  22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as  unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21930","reference_id":"","reference_type":"","scores":[{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38523","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38568","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38612","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38615","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38587","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38559","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187435","reference_id":"2187435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187435"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006/","reference_id":"ntap-20240621-0006","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/326478?format=json","purl":"pkg:apk/alpine/openjdk8@8.372.07-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.372.07-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2023-21930"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h698-fsc4-wydx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96437?format=json","vulnerability_id":"VCID-w6dm-mezz-k7hg","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).  Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and  22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21938","reference_id":"","reference_type":"","scores":[{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27159","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27091","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27224","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27171","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27132","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27082","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187758","reference_id":"2187758","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187758"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006/","reference_id":"ntap-20240621-0006","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/326478?format=json","purl":"pkg:apk/alpine/openjdk8@8.372.07-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.372.07-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2023-21938"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w6dm-mezz-k7hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96441?format=json","vulnerability_id":"VCID-ybu5-news-1ybw","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).  Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and  22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21968","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21977","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21951","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.2206","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22046","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21998","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.21941","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187802","reference_id":"2187802","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187802"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T19:25:47Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T19:25:47Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T19:25:47Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T19:25:47Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006/","reference_id":"ntap-20240621-0006","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T19:25:47Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/326478?format=json","purl":"pkg:apk/alpine/openjdk8@8.372.07-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.372.07-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2023-21968"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ybu5-news-1ybw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96439?format=json","vulnerability_id":"VCID-zjr6-vskg-u3ax","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot).  Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and  22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21954","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17708","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17691","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17786","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17781","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17748","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17673","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187441","reference_id":"2187441","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187441"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006/","reference_id":"ntap-20240621-0006","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/326478?format=json","purl":"pkg:apk/alpine/openjdk8@8.372.07-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.372.07-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2023-21954"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zjr6-vskg-u3ax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96438?format=json","vulnerability_id":"VCID-zkty-xxxc-pyfu","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing).  Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and  22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21939","reference_id":"","reference_type":"","scores":[{"value":"0.01156","scoring_system":"epss","scoring_elements":"0.78914","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01156","scoring_system":"epss","scoring_elements":"0.78896","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02108","scoring_system":"epss","scoring_elements":"0.84434","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02108","scoring_system":"epss","scoring_elements":"0.84415","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02108","scoring_system":"epss","scoring_elements":"0.84438","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02108","scoring_system":"epss","scoring_elements":"0.84441","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187724","reference_id":"2187724","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187724"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006/","reference_id":"ntap-20240621-0006","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/326478?format=json","purl":"pkg:apk/alpine/openjdk8@8.372.07-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.372.07-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}],"aliases":["CVE-2023-21939"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkty-xxxc-pyfu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk8@8.372.07-r0%3Farch=armhf&distroversion=v3.22&reponame=community"}