{"url":"http://public2.vulnerablecode.io/api/packages/404377?format=json","purl":"pkg:apk/alpine/openjdk7@7.221.2.6.18-r0?arch=s390x&distroversion=v3.11&reponame=community","type":"apk","namespace":"alpine","name":"openjdk7","version":"7.221.2.6.18-r0","qualifiers":{"arch":"s390x","distroversion":"v3.11","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"7.231.2.6.19-r0","latest_non_vulnerable_version":"7.281.2.6.24-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96341?format=json","vulnerability_id":"VCID-ep5h-8stb-bkge","summary":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2602.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2602.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2602","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46313","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46297","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46287","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46331","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46333","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46264","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1700440","reference_id":"1700440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1700440"},{"reference_url":"https://usn.ubuntu.com/3975-1/","reference_id":"3975-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://usn.ubuntu.com/3975-1/"},{"reference_url":"https://seclists.org/bugtraq/2019/May/75","reference_id":"75","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://seclists.org/bugtraq/2019/May/75"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03959en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us"},{"reference_url":"https://www.debian.org/security/2019/dsa-4453","reference_id":"dsa-4453","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://www.debian.org/security/2019/dsa-4453"},{"reference_url":"https://security.gentoo.org/glsa/201908-10","reference_id":"GLSA-201908-10","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://security.gentoo.org/glsa/201908-10"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10285","reference_id":"index?page=content&id=SB10285","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10285"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00007.html","reference_id":"msg00007.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00007.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html","reference_id":"msg00013.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html","reference_id":"msg00058.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html","reference_id":"msg00059.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0774","reference_id":"RHSA-2019:0774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0775","reference_id":"RHSA-2019:0775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0778","reference_id":"RHSA-2019:0778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0790","reference_id":"RHSA-2019:0790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0791","reference_id":"RHSA-2019:0791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1146","reference_id":"RHSA-2019:1146","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1146"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1163","reference_id":"RHSA-2019:1163","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1164","reference_id":"RHSA-2019:1164","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1165","reference_id":"RHSA-2019:1165","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1166","reference_id":"RHSA-2019:1166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1238","reference_id":"RHSA-2019:1238","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1325","reference_id":"RHSA-2019:1325","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1518","reference_id":"RHSA-2019:1518","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T15:53:10Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/404377?format=json","purl":"pkg:apk/alpine/openjdk7@7.221.2.6.18-r0?arch=s390x&distroversion=v3.11&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk7@7.221.2.6.18-r0%3Farch=s390x&distroversion=v3.11&reponame=community"}],"aliases":["CVE-2019-2602"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ep5h-8stb-bkge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96342?format=json","vulnerability_id":"VCID-mg92-y18j-q7e2","summary":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2684.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2684.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2684","reference_id":"","reference_type":"","scores":[{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79794","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79813","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.7981","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79805","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79779","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01264","scoring_system":"epss","scoring_elements":"0.79804","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1700564","reference_id":"1700564","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1700564"},{"reference_url":"https://lists.apache.org/thread.html/38a01302c92ae513910d8c851a2d111736565bd698be4e3af3e4c063%40%3Cdev.tomcat.apache.org%3E","reference_id":"38a01302c92ae513910d8c851a2d111736565bd698be4e3af3e4c063%40%3Cdev.tomcat.apache.org%3E","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://lists.apache.org/thread.html/38a01302c92ae513910d8c851a2d111736565bd698be4e3af3e4c063%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://usn.ubuntu.com/3975-1/","reference_id":"3975-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://usn.ubuntu.com/3975-1/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/09/01/4","reference_id":"4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"http://www.openwall.com/lists/oss-security/2020/09/01/4"},{"reference_url":"https://lists.apache.org/thread.html/71bd3e4e222479c266eaafc8d0c171ef5782a69b52f68df11b650ed7%40%3Cusers.tomcat.apache.org%3E","reference_id":"71bd3e4e222479c266eaafc8d0c171ef5782a69b52f68df11b650ed7%40%3Cusers.tomcat.apache.org%3E","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://lists.apache.org/thread.html/71bd3e4e222479c266eaafc8d0c171ef5782a69b52f68df11b650ed7%40%3Cusers.tomcat.apache.org%3E"},{"reference_url":"https://seclists.org/bugtraq/2019/May/75","reference_id":"75","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://seclists.org/bugtraq/2019/May/75"},{"reference_url":"https://lists.apache.org/thread.html/c58d6c3b49c615916b163809f963a55421cac2264885739508e68108%40%3Cannounce.apache.org%3E","reference_id":"c58d6c3b49c615916b163809f963a55421cac2264885739508e68108%40%3Cannounce.apache.org%3E","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://lists.apache.org/thread.html/c58d6c3b49c615916b163809f963a55421cac2264885739508e68108%40%3Cannounce.apache.org%3E"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03959en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us"},{"reference_url":"https://www.debian.org/security/2019/dsa-4453","reference_id":"dsa-4453","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://www.debian.org/security/2019/dsa-4453"},{"reference_url":"https://lists.apache.org/thread.html/f7f54b4888060d99f59993f006e25005a2b58db0c07ff866bdcd6f17%40%3Cdev.tomcat.apache.org%3E","reference_id":"f7f54b4888060d99f59993f006e25005a2b58db0c07ff866bdcd6f17%40%3Cdev.tomcat.apache.org%3E","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://lists.apache.org/thread.html/f7f54b4888060d99f59993f006e25005a2b58db0c07ff866bdcd6f17%40%3Cdev.tomcat.apache.org%3E"},{"reference_url":"https://security.gentoo.org/glsa/201908-10","reference_id":"GLSA-201908-10","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://security.gentoo.org/glsa/201908-10"},{"reference_url":"https://support.f5.com/csp/article/K11175903?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"K11175903?utm_source=f5support&amp%3Butm_medium=RSS","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://support.f5.com/csp/article/K11175903?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00007.html","reference_id":"msg00007.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00007.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html","reference_id":"msg00013.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html","reference_id":"msg00058.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html","reference_id":"msg00059.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"},{"reference_url":"https://lists.apache.org/thread.html/r1fd117082b992e7d43c1286e966c285f98aa362e685695d999ff42f7%40%3Cuser.cassandra.apache.org%3E","reference_id":"r1fd117082b992e7d43c1286e966c285f98aa362e685695d999ff42f7%40%3Cuser.cassandra.apache.org%3E","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://lists.apache.org/thread.html/r1fd117082b992e7d43c1286e966c285f98aa362e685695d999ff42f7%40%3Cuser.cassandra.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r718e01f61b35409a4f7a3ccbc1cb5136a1558a9f9c2cb8d4ca9be1ce%40%3Cuser.cassandra.apache.org%3E","reference_id":"r718e01f61b35409a4f7a3ccbc1cb5136a1558a9f9c2cb8d4ca9be1ce%40%3Cuser.cassandra.apache.org%3E","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://lists.apache.org/thread.html/r718e01f61b35409a4f7a3ccbc1cb5136a1558a9f9c2cb8d4ca9be1ce%40%3Cuser.cassandra.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rab8d90d28f944d84e4d7852f355a25c89451ae02c2decc4d355a9cfc%40%3Cuser.cassandra.apache.org%3E","reference_id":"rab8d90d28f944d84e4d7852f355a25c89451ae02c2decc4d355a9cfc%40%3Cuser.cassandra.apache.org%3E","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://lists.apache.org/thread.html/rab8d90d28f944d84e4d7852f355a25c89451ae02c2decc4d355a9cfc%40%3Cuser.cassandra.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cdev.cassandra.apache.org%3E","reference_id":"rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cdev.cassandra.apache.org%3E","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://lists.apache.org/thread.html/rcd7544b24d8fc32b7950ec4c117052410b661babaa857fb1fc641152%40%3Cdev.cassandra.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0774","reference_id":"RHSA-2019:0774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0775","reference_id":"RHSA-2019:0775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0778","reference_id":"RHSA-2019:0778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0790","reference_id":"RHSA-2019:0790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0791","reference_id":"RHSA-2019:0791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1146","reference_id":"RHSA-2019:1146","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1146"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1163","reference_id":"RHSA-2019:1163","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1164","reference_id":"RHSA-2019:1164","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1165","reference_id":"RHSA-2019:1165","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1166","reference_id":"RHSA-2019:1166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1238","reference_id":"RHSA-2019:1238","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1325","reference_id":"RHSA-2019:1325","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1518","reference_id":"RHSA-2019:1518","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T13:59:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/404377?format=json","purl":"pkg:apk/alpine/openjdk7@7.221.2.6.18-r0?arch=s390x&distroversion=v3.11&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk7@7.221.2.6.18-r0%3Farch=s390x&distroversion=v3.11&reponame=community"}],"aliases":["CVE-2019-2684"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mg92-y18j-q7e2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96343?format=json","vulnerability_id":"VCID-skjr-x8fq-1kfb","summary":"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2698.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2698","reference_id":"","reference_type":"","scores":[{"value":"0.0419","scoring_system":"epss","scoring_elements":"0.88947","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0419","scoring_system":"epss","scoring_elements":"0.88913","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0419","scoring_system":"epss","scoring_elements":"0.8893","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0419","scoring_system":"epss","scoring_elements":"0.88931","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2698"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1700447","reference_id":"1700447","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1700447"},{"reference_url":"https://usn.ubuntu.com/3975-1/","reference_id":"3975-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://usn.ubuntu.com/3975-1/"},{"reference_url":"https://seclists.org/bugtraq/2019/May/75","reference_id":"75","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://seclists.org/bugtraq/2019/May/75"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1778","reference_id":"CVE-2019-2698","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1778"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/46723.txt","reference_id":"CVE-2019-2698","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/46723.txt"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03959en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_us"},{"reference_url":"https://www.debian.org/security/2019/dsa-4453","reference_id":"dsa-4453","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://www.debian.org/security/2019/dsa-4453"},{"reference_url":"https://security.gentoo.org/glsa/201908-10","reference_id":"GLSA-201908-10","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://security.gentoo.org/glsa/201908-10"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/05/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html","reference_id":"msg00013.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html","reference_id":"msg00058.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html","reference_id":"msg00059.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0774","reference_id":"RHSA-2019:0774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0775","reference_id":"RHSA-2019:0775","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0790","reference_id":"RHSA-2019:0790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0791","reference_id":"RHSA-2019:0791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1146","reference_id":"RHSA-2019:1146","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1146"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1163","reference_id":"RHSA-2019:1163","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1164","reference_id":"RHSA-2019:1164","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1165","reference_id":"RHSA-2019:1165","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1166","reference_id":"RHSA-2019:1166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1238","reference_id":"RHSA-2019:1238","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1325","reference_id":"RHSA-2019:1325","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T15:55:44Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1325"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/404377?format=json","purl":"pkg:apk/alpine/openjdk7@7.221.2.6.18-r0?arch=s390x&distroversion=v3.11&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk7@7.221.2.6.18-r0%3Farch=s390x&distroversion=v3.11&reponame=community"}],"aliases":["CVE-2019-2698"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-skjr-x8fq-1kfb"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk7@7.221.2.6.18-r0%3Farch=s390x&distroversion=v3.11&reponame=community"}