{"url":"http://public2.vulnerablecode.io/api/packages/354950?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.21&reponame=community","type":"apk","namespace":"alpine","name":"openjdk17","version":"17.0.10_p7-r0","qualifiers":{"arch":"s390x","distroversion":"v3.21","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"17.0.11_p9-r0","latest_non_vulnerable_version":"17.0.18_p8-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91464?format=json","vulnerability_id":"VCID-3mtb-zvse-pqdb","summary":"OpenJDK: arbitrary Java code execution in Nashorn (8314284)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20926","reference_id":"","reference_type":"","scores":[{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48368","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257850","reference_id":"2257850","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257850"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354950?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-20926"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3mtb-zvse-pqdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46392?format=json","vulnerability_id":"VCID-e3cz-9mdx-cfhp","summary":"Java: DoS Vulnerability in JSON-JAVA\nA denial of service vulnerability in JSON-Java was discovered by [ClusterFuzz](https://google.github.io/clusterfuzz/).  A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. There are two issues: (1) the parser bug can be used to circumvent a check that is supposed to prevent the key in a JSON object from itself being another JSON object; (2) if a key does end up being a JSON object then it gets converted into a string, using `\\` to escape special characters, including `\\` itself. So by nesting JSON objects, with a key that is a JSON object that has a key that is a JSON object, and so on, we can get an exponential number of `\\` characters in the escaped string.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5072.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5072.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5072","reference_id":"","reference_type":"","scores":[{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71955","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072"},{"reference_url":"https://github.com/stleary/JSON-java","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/stleary/JSON-java"},{"reference_url":"https://github.com/stleary/JSON-java/commit/60662e2f8384d3449822a3a1179bfe8de67b55bb","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/stleary/JSON-java/commit/60662e2f8384d3449822a3a1179bfe8de67b55bb"},{"reference_url":"https://github.com/stleary/JSON-java/issues/758","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/"}],"url":"https://github.com/stleary/JSON-java/issues/758"},{"reference_url":"https://github.com/stleary/JSON-java/issues/771","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/"}],"url":"https://github.com/stleary/JSON-java/issues/771"},{"reference_url":"https://github.com/stleary/JSON-java/pull/759","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/stleary/JSON-java/pull/759"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053882","reference_id":"1053882","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053882"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053883","reference_id":"1053883","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053883"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053884","reference_id":"1053884","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053884"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2246417","reference_id":"2246417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2246417"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5072","reference_id":"CVE-2023-5072","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5072"},{"reference_url":"https://github.com/advisories/GHSA-4jq9-2xhw-jpx7","reference_id":"GHSA-4jq9-2xhw-jpx7","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4jq9-2xhw-jpx7"},{"reference_url":"https://github.com/google/security-research/security/advisories/GHSA-4jq9-2xhw-jpx7","reference_id":"GHSA-4jq9-2xhw-jpx7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/google/security-research/security/advisories/GHSA-4jq9-2xhw-jpx7"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0007/","reference_id":"ntap-20240621-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7617","reference_id":"RHSA-2023:7617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7678","reference_id":"RHSA-2023:7678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7842","reference_id":"RHSA-2023:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7845","reference_id":"RHSA-2023:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0148","reference_id":"RHSA-2024:0148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4271","reference_id":"RHSA-2024:4271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4271"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354950?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2023-5072","GHSA-4jq9-2xhw-jpx7"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e3cz-9mdx-cfhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/275755?format=json","vulnerability_id":"VCID-hwmy-au3k-8yee","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20955","reference_id":"","reference_type":"","scores":[{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66693","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20955"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354950?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-20955"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hwmy-au3k-8yee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91452?format=json","vulnerability_id":"VCID-jua2-s4g6-v3h2","summary":"OpenJDK: incorrect handling of ZIP files with duplicate entries (8276123)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20932","reference_id":"","reference_type":"","scores":[{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32282","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257720","reference_id":"2257720","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257720"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:51:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354950?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-20932"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jua2-s4g6-v3h2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91468?format=json","vulnerability_id":"VCID-ka8g-1h5k-2qbj","summary":"OpenJDK: range check loop optimization issue (8314307)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20921","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44728","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257859","reference_id":"2257859","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257859"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354950?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-20921"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ka8g-1h5k-2qbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91454?format=json","vulnerability_id":"VCID-kkk4-xqv1-gug4","summary":"OpenJDK: array out-of-bounds access due to missing range check in C1 compiler (8314468)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20918","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46648","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257728","reference_id":"2257728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257728"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354950?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-20918"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkk4-xqv1-gug4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91465?format=json","vulnerability_id":"VCID-t82y-9a1j-6few","summary":"OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20919","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.3619","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257853","reference_id":"2257853","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257853"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354950?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-20919"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t82y-9a1j-6few"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91459?format=json","vulnerability_id":"VCID-xk5g-kcya-fycf","summary":"OpenJDK: RSA padding issue and timing side-channel attack against TLS (8317547)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20952","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55353","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257837","reference_id":"2257837","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257837"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/354950?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2024-20952"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xk5g-kcya-fycf"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.21&reponame=community"}