{"url":"http://public2.vulnerablecode.io/api/packages/472148?format=json","purl":"pkg:apk/alpine/openjdk7@7.211.2.6.17-r0?arch=x86_64&distroversion=v3.9&reponame=community","type":"apk","namespace":"alpine","name":"openjdk7","version":"7.211.2.6.17-r0","qualifiers":{"arch":"x86_64","distroversion":"v3.9","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"7.221.2.6.18-r0","latest_non_vulnerable_version":"7.261.2.6.22-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/275902?format=json","vulnerability_id":"VCID-58dt-j8yh-2qa9","summary":"","references":[],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/472148?format=json","purl":"pkg:apk/alpine/openjdk7@7.211.2.6.17-r0?arch=x86_64&distroversion=v3.9&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk7@7.211.2.6.17-r0%3Farch=x86_64&distroversion=v3.9&reponame=community"}],"aliases":["CVE_2019-2426"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-58dt-j8yh-2qa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76359?format=json","vulnerability_id":"VCID-dguz-ebv3-1qas","summary":"An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11212.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11212.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11212","reference_id":"","reference_type":"","scores":[{"value":"0.02115","scoring_system":"epss","scoring_elements":"0.84454","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02115","scoring_system":"epss","scoring_elements":"0.8446","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02115","scoring_system":"epss","scoring_elements":"0.84452","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02115","scoring_system":"epss","scoring_elements":"0.8444","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02569","scoring_system":"epss","scoring_elements":"0.85839","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02569","scoring_system":"epss","scoring_elements":"0.85817","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11212"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11212","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11212"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579973","reference_id":"1579973","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579973"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902176","reference_id":"902176","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0469","reference_id":"RHSA-2019:0469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0472","reference_id":"RHSA-2019:0472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0473","reference_id":"RHSA-2019:0473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0474","reference_id":"RHSA-2019:0474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0640","reference_id":"RHSA-2019:0640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1238","reference_id":"RHSA-2019:1238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2052","reference_id":"RHSA-2019:2052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2052"},{"reference_url":"https://usn.ubuntu.com/3706-1/","reference_id":"USN-3706-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3706-1/"},{"reference_url":"https://usn.ubuntu.com/3706-2/","reference_id":"USN-3706-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3706-2/"},{"reference_url":"https://usn.ubuntu.com/5497-1/","reference_id":"USN-5497-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5497-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5336-1/","reference_id":"USN-USN-5336-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5336-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5497-2/","reference_id":"USN-USN-5497-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5497-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/472148?format=json","purl":"pkg:apk/alpine/openjdk7@7.211.2.6.17-r0?arch=x86_64&distroversion=v3.9&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk7@7.211.2.6.17-r0%3Farch=x86_64&distroversion=v3.9&reponame=community"}],"aliases":["CVE-2018-11212"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dguz-ebv3-1qas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96339?format=json","vulnerability_id":"VCID-qjfm-ydh8-dygd","summary":"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2422.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2422.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2422","reference_id":"","reference_type":"","scores":[{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50445","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50415","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50397","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50426","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5587","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55926","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2422"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2422","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2422"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/106596","reference_id":"106596","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"http://www.securityfocus.com/bid/106596"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665945","reference_id":"1665945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665945"},{"reference_url":"https://seclists.org/bugtraq/2019/Mar/27","reference_id":"27","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://seclists.org/bugtraq/2019/Mar/27"},{"reference_url":"https://usn.ubuntu.com/3875-1/","reference_id":"3875-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://usn.ubuntu.com/3875-1/"},{"reference_url":"https://usn.ubuntu.com/3942-1/","reference_id":"3942-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://usn.ubuntu.com/3942-1/"},{"reference_url":"https://usn.ubuntu.com/3949-1/","reference_id":"3949-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://usn.ubuntu.com/3949-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03958en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03958en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03958en_us"},{"reference_url":"https://www.debian.org/security/2019/dsa-4410","reference_id":"dsa-4410","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://www.debian.org/security/2019/dsa-4410"},{"reference_url":"https://security.gentoo.org/glsa/201903-14","reference_id":"GLSA-201903-14","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://security.gentoo.org/glsa/201903-14"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html","reference_id":"msg00013.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html","reference_id":"msg00028.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00028.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00033.html","reference_id":"msg00033.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00033.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html","reference_id":"msg00059.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190118-0001/","reference_id":"ntap-20190118-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190118-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0416","reference_id":"RHSA-2019:0416","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0416"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0435","reference_id":"RHSA-2019:0435","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0436","reference_id":"RHSA-2019:0436","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0462","reference_id":"RHSA-2019:0462","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0464","reference_id":"RHSA-2019:0464","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0469","reference_id":"RHSA-2019:0469","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0472","reference_id":"RHSA-2019:0472","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0473","reference_id":"RHSA-2019:0473","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0474","reference_id":"RHSA-2019:0474","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0640","reference_id":"RHSA-2019:0640","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0640"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1238","reference_id":"RHSA-2019:1238","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T14:03:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:1238"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/472148?format=json","purl":"pkg:apk/alpine/openjdk7@7.211.2.6.17-r0?arch=x86_64&distroversion=v3.9&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk7@7.211.2.6.17-r0%3Farch=x86_64&distroversion=v3.9&reponame=community"}],"aliases":["CVE-2019-2422"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjfm-ydh8-dygd"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk7@7.211.2.6.17-r0%3Farch=x86_64&distroversion=v3.9&reponame=community"}