Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/395748?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/395748?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.19_p7-r0?arch=x86_64&distroversion=v3.21&reponame=community", "type": "apk", "namespace": "alpine", "name": "openjdk11", "version": "11.0.19_p7-r0", "qualifiers": { "arch": "x86_64", "distroversion": "v3.21", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "11.0.20_p8-r0", "latest_non_vulnerable_version": "11.0.30_p7-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96436?format=api", "vulnerability_id": "VCID-8fy5-u3g9-yuhy", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27159", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27091", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27224", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27171", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27132", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27082", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790", "reference_id": "2187790", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187790" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/395748?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.19_p7-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.19_p7-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2023-21937" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fy5-u3g9-yuhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96440?format=api", "vulnerability_id": "VCID-eccq-rjg6-wfgd", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23695", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23681", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2379", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23776", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2373", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23676", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704", "reference_id": "2187704", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187704" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/395748?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.19_p7-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.19_p7-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2023-21967" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eccq-rjg6-wfgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96435?format=api", "vulnerability_id": "VCID-h698-fsc4-wydx", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38523", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38568", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38612", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38615", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38587", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38559", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435", "reference_id": "2187435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187435" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/395748?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.19_p7-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.19_p7-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2023-21930" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h698-fsc4-wydx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96437?format=api", "vulnerability_id": "VCID-w6dm-mezz-k7hg", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27159", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27091", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27224", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27171", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27132", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27082", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758", "reference_id": "2187758", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187758" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/395748?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.19_p7-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.19_p7-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2023-21938" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6dm-mezz-k7hg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96441?format=api", "vulnerability_id": "VCID-ybu5-news-1ybw", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21977", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21951", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.2206", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22046", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21998", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21941", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802", "reference_id": "2187802", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187802" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T19:25:47Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T19:25:47Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T19:25:47Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T19:25:47Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-11-30T19:25:47Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/395748?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.19_p7-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.19_p7-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2023-21968" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ybu5-news-1ybw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96439?format=api", "vulnerability_id": "VCID-zjr6-vskg-u3ax", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17708", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17691", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17786", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17781", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17748", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17673", "published_at": "2026-06-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187441", "reference_id": "2187441", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187441" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/395748?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.19_p7-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.19_p7-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2023-21954" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zjr6-vskg-u3ax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96438?format=api", "vulnerability_id": "VCID-zkty-xxxc-pyfu", "summary": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78914", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.01156", "scoring_system": "epss", "scoring_elements": "0.78896", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02108", "scoring_system": "epss", "scoring_elements": "0.84434", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02108", "scoring_system": "epss", "scoring_elements": "0.84415", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02108", "scoring_system": "epss", "scoring_elements": "0.84438", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02108", "scoring_system": "epss", "scoring_elements": "0.84441", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957", "reference_id": "1035957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280", "reference_id": "1036280", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724", "reference_id": "2187724", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2187724" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5430", "reference_id": "dsa-5430", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5430" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5478", "reference_id": "dsa-5478", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5478" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230427-0008/", "reference_id": "ntap-20230427-0008", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230427-0008/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240621-0006/", "reference_id": "ntap-20240621-0006", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1875", "reference_id": "RHSA-2023:1875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1877", "reference_id": "RHSA-2023:1877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1878", "reference_id": "RHSA-2023:1878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1879", "reference_id": "RHSA-2023:1879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1880", "reference_id": "RHSA-2023:1880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1882", "reference_id": "RHSA-2023:1882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1883", "reference_id": "RHSA-2023:1883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1884", "reference_id": "RHSA-2023:1884", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1884" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1885", "reference_id": "RHSA-2023:1885", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1885" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1889", "reference_id": "RHSA-2023:1889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1889" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1890", "reference_id": "RHSA-2023:1890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1890" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1891", "reference_id": "RHSA-2023:1891", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1891" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1892", "reference_id": "RHSA-2023:1892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1895", "reference_id": "RHSA-2023:1895", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1895" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1898", "reference_id": "RHSA-2023:1898", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1898" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1899", "reference_id": "RHSA-2023:1899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1900", "reference_id": "RHSA-2023:1900", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1900" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1903", "reference_id": "RHSA-2023:1903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1904", "reference_id": "RHSA-2023:1904", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1904" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1905", "reference_id": "RHSA-2023:1905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1906", "reference_id": "RHSA-2023:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1906" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1907", "reference_id": "RHSA-2023:1907", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1908", "reference_id": "RHSA-2023:1908", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1908" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1909", "reference_id": "RHSA-2023:1909", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1910", "reference_id": "RHSA-2023:1910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1911", "reference_id": "RHSA-2023:1911", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1911" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1912", "reference_id": "RHSA-2023:1912", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1912" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4103", "reference_id": "RHSA-2023:4103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4160", "reference_id": "RHSA-2023:4160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4160" }, { "reference_url": "https://usn.ubuntu.com/6077-1/", "reference_id": "USN-6077-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6077-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/395748?format=api", "purl": "pkg:apk/alpine/openjdk11@11.0.19_p7-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.19_p7-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" } ], "aliases": [ "CVE-2023-21939" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkty-xxxc-pyfu" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk11@11.0.19_p7-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" }