Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:ebuild/dev-java/openjdk@8.372_p07

Type ebuild

Namespace dev-java

Name openjdk

Version 8.372_p07

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version 8.422_p05

Latest_non_vulnerable_version 17.0.12_p7

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1ua9-ggzh-63a3

vulnerability_id VCID-1ua9-ggzh-63a3

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21541

reference_id

reference_type

scores

value	0.00329
scoring_system	epss
scoring_elements	0.56099
published_at	2026-06-04T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.5615
published_at	2026-06-09T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.56154
published_at	2026-06-05T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.5616
published_at	2026-06-06T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.56147
published_at	2026-06-07T12:55:00Z

value	0.00329
scoring_system	epss
scoring_elements	0.56131
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2108543
reference_id	2108543
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2108543

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/

reference_id

H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/

reference_id

I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/

reference_id

JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/

reference_id

KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/

reference_id

L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/

reference_url

https://security.netapp.com/advisory/ntap-20220729-0009/

reference_id

ntap-20220729-0009

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/

url

https://security.netapp.com/advisory/ntap-20220729-0009/

reference_url	https://access.redhat.com/errata/RHSA-2022:5681
reference_id	RHSA-2022:5681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5681

reference_url	https://access.redhat.com/errata/RHSA-2022:5683
reference_id	RHSA-2022:5683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5683

reference_url	https://access.redhat.com/errata/RHSA-2022:5684
reference_id	RHSA-2022:5684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5684

reference_url	https://access.redhat.com/errata/RHSA-2022:5685
reference_id	RHSA-2022:5685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5685

reference_url	https://access.redhat.com/errata/RHSA-2022:5687
reference_id	RHSA-2022:5687
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5687

reference_url	https://access.redhat.com/errata/RHSA-2022:5695
reference_id	RHSA-2022:5695
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5695

reference_url	https://access.redhat.com/errata/RHSA-2022:5696
reference_id	RHSA-2022:5696
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5696

reference_url	https://access.redhat.com/errata/RHSA-2022:5697
reference_id	RHSA-2022:5697
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5697

reference_url	https://access.redhat.com/errata/RHSA-2022:5698
reference_id	RHSA-2022:5698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5698

reference_url	https://access.redhat.com/errata/RHSA-2022:5700
reference_id	RHSA-2022:5700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5700

reference_url	https://access.redhat.com/errata/RHSA-2022:5701
reference_id	RHSA-2022:5701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5701

reference_url	https://access.redhat.com/errata/RHSA-2022:5709
reference_id	RHSA-2022:5709
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5709

reference_url	https://access.redhat.com/errata/RHSA-2022:5726
reference_id	RHSA-2022:5726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5726

reference_url	https://access.redhat.com/errata/RHSA-2022:5736
reference_id	RHSA-2022:5736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5736

reference_url	https://access.redhat.com/errata/RHSA-2022:5753
reference_id	RHSA-2022:5753
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5753

reference_url	https://access.redhat.com/errata/RHSA-2022:5754
reference_id	RHSA-2022:5754
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5754

reference_url	https://access.redhat.com/errata/RHSA-2022:5755
reference_id	RHSA-2022:5755
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5755

reference_url	https://access.redhat.com/errata/RHSA-2022:5756
reference_id	RHSA-2022:5756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5756

reference_url	https://access.redhat.com/errata/RHSA-2022:5757
reference_id	RHSA-2022:5757
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5757

reference_url	https://access.redhat.com/errata/RHSA-2022:5758
reference_id	RHSA-2022:5758
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5758

reference_url	https://usn.ubuntu.com/5546-1/
reference_id	USN-5546-1
reference_type
scores
url	https://usn.ubuntu.com/5546-1/

reference_url	https://usn.ubuntu.com/5546-2/
reference_id	USN-5546-2
reference_type
scores
url	https://usn.ubuntu.com/5546-2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/

reference_id

YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2022-21541

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ua9-ggzh-63a3

url VCID-4c3j-7pf2-fkbc

vulnerability_id VCID-4c3j-7pf2-fkbc

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21618.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21618.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21618

reference_id

reference_type

scores

value	0.0018
scoring_system	epss
scoring_elements	0.39307
published_at	2026-06-04T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39355
published_at	2026-06-09T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39395
published_at	2026-06-05T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.394
published_at	2026-06-06T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39371
published_at	2026-06-07T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39342
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2133817
reference_id	2133817
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2133817

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/

reference_id

37QDWJBGEPP65X43NXQTXQ7KASLUHON6

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:10:27Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/

reference_id

3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:10:27Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/

reference_id

3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:10:27Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/

reference_id

EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:10:27Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/

reference_url	https://security.gentoo.org/glsa/202409-26
reference_id	GLSA-202409-26
reference_type
scores
url	https://security.gentoo.org/glsa/202409-26

reference_url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_id

ntap-20221028-0012

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:10:27Z/

url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_url	https://access.redhat.com/errata/RHSA-2022:6999
reference_id	RHSA-2022:6999
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6999

reference_url	https://access.redhat.com/errata/RHSA-2022:7000
reference_id	RHSA-2022:7000
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7000

reference_url	https://access.redhat.com/errata/RHSA-2022:7001
reference_id	RHSA-2022:7001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7001

reference_url	https://access.redhat.com/errata/RHSA-2022:7008
reference_id	RHSA-2022:7008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7008

reference_url	https://access.redhat.com/errata/RHSA-2022:7009
reference_id	RHSA-2022:7009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7009

reference_url	https://access.redhat.com/errata/RHSA-2022:7010
reference_id	RHSA-2022:7010
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7010

reference_url	https://access.redhat.com/errata/RHSA-2022:7011
reference_id	RHSA-2022:7011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7011

reference_url	https://access.redhat.com/errata/RHSA-2022:7012
reference_id	RHSA-2022:7012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7012

reference_url	https://access.redhat.com/errata/RHSA-2022:7013
reference_id	RHSA-2022:7013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7013

reference_url	https://access.redhat.com/errata/RHSA-2022:7051
reference_id	RHSA-2022:7051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7051

reference_url	https://access.redhat.com/errata/RHSA-2022:7052
reference_id	RHSA-2022:7052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7052

reference_url	https://access.redhat.com/errata/RHSA-2022:7053
reference_id	RHSA-2022:7053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7053

reference_url	https://access.redhat.com/errata/RHSA-2022:7054
reference_id	RHSA-2022:7054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7054

reference_url	https://usn.ubuntu.com/5719-1/
reference_id	USN-5719-1
reference_type
scores
url	https://usn.ubuntu.com/5719-1/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2022-21618

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4c3j-7pf2-fkbc

url VCID-4sr3-ebqa-xug8

vulnerability_id VCID-4sr3-ebqa-xug8

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21624.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21624.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21624

reference_id

reference_type

scores

value	0.00264
scoring_system	epss
scoring_elements	0.5011
published_at	2026-06-04T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.50154
published_at	2026-06-09T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.50172
published_at	2026-06-05T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.5018
published_at	2026-06-06T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.50165
published_at	2026-06-07T12:55:00Z

value	0.00264
scoring_system	epss
scoring_elements	0.50136
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21624

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2133765
reference_id	2133765
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2133765

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/

reference_id

37QDWJBGEPP65X43NXQTXQ7KASLUHON6

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:11:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/

reference_id

3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:11:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/

reference_id

3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:11:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/

reference_id

EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:11:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/

reference_url	https://security.gentoo.org/glsa/202409-26
reference_id	GLSA-202409-26
reference_type
scores
url	https://security.gentoo.org/glsa/202409-26

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/

reference_id

HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:11:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/

reference_url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_id

ntap-20221028-0012

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:11:29Z/

url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/

reference_id

PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:11:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/

reference_url	https://access.redhat.com/errata/RHSA-2022:6999
reference_id	RHSA-2022:6999
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6999

reference_url	https://access.redhat.com/errata/RHSA-2022:7000
reference_id	RHSA-2022:7000
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7000

reference_url	https://access.redhat.com/errata/RHSA-2022:7001
reference_id	RHSA-2022:7001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7001

reference_url	https://access.redhat.com/errata/RHSA-2022:7002
reference_id	RHSA-2022:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7002

reference_url	https://access.redhat.com/errata/RHSA-2022:7003
reference_id	RHSA-2022:7003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7003

reference_url	https://access.redhat.com/errata/RHSA-2022:7004
reference_id	RHSA-2022:7004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7004

reference_url	https://access.redhat.com/errata/RHSA-2022:7005
reference_id	RHSA-2022:7005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7005

reference_url	https://access.redhat.com/errata/RHSA-2022:7006
reference_id	RHSA-2022:7006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7006

reference_url	https://access.redhat.com/errata/RHSA-2022:7007
reference_id	RHSA-2022:7007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7007

reference_url	https://access.redhat.com/errata/RHSA-2022:7008
reference_id	RHSA-2022:7008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7008

reference_url	https://access.redhat.com/errata/RHSA-2022:7009
reference_id	RHSA-2022:7009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7009

reference_url	https://access.redhat.com/errata/RHSA-2022:7010
reference_id	RHSA-2022:7010
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7010

reference_url	https://access.redhat.com/errata/RHSA-2022:7011
reference_id	RHSA-2022:7011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7011

reference_url	https://access.redhat.com/errata/RHSA-2022:7012
reference_id	RHSA-2022:7012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7012

reference_url	https://access.redhat.com/errata/RHSA-2022:7013
reference_id	RHSA-2022:7013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7013

reference_url	https://access.redhat.com/errata/RHSA-2022:7049
reference_id	RHSA-2022:7049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7049

reference_url	https://access.redhat.com/errata/RHSA-2022:7050
reference_id	RHSA-2022:7050
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7050

reference_url	https://access.redhat.com/errata/RHSA-2022:7051
reference_id	RHSA-2022:7051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7051

reference_url	https://access.redhat.com/errata/RHSA-2022:7052
reference_id	RHSA-2022:7052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7052

reference_url	https://access.redhat.com/errata/RHSA-2022:7053
reference_id	RHSA-2022:7053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7053

reference_url	https://access.redhat.com/errata/RHSA-2022:7054
reference_id	RHSA-2022:7054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7054

reference_url	https://access.redhat.com/errata/RHSA-2022:8880
reference_id	RHSA-2022:8880
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8880

reference_url	https://access.redhat.com/errata/RHSA-2023:0128
reference_id	RHSA-2023:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0128

reference_url	https://usn.ubuntu.com/5719-1/
reference_id	USN-5719-1
reference_type
scores
url	https://usn.ubuntu.com/5719-1/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2022-21624

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4sr3-ebqa-xug8

url VCID-dpq1-6qrj-1ydk

vulnerability_id VCID-dpq1-6qrj-1ydk

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via DTLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-21835

reference_id

reference_type

scores

value	0.0005
scoring_system	epss
scoring_elements	0.15795
published_at	2026-06-09T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15857
published_at	2026-06-07T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15772
published_at	2026-06-08T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.1692
published_at	2026-06-05T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16914
published_at	2026-06-06T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16839
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-21835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2160421
reference_id	2160421
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2160421

reference_url	https://security.gentoo.org/glsa/202409-26
reference_id	GLSA-202409-26
reference_type
scores
url	https://security.gentoo.org/glsa/202409-26

reference_url	https://access.redhat.com/errata/RHSA-2023:0190
reference_id	RHSA-2023:0190
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0190

reference_url	https://access.redhat.com/errata/RHSA-2023:0191
reference_id	RHSA-2023:0191
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0191

reference_url	https://access.redhat.com/errata/RHSA-2023:0192
reference_id	RHSA-2023:0192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0192

reference_url	https://access.redhat.com/errata/RHSA-2023:0193
reference_id	RHSA-2023:0193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0193

reference_url	https://access.redhat.com/errata/RHSA-2023:0194
reference_id	RHSA-2023:0194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0194

reference_url	https://access.redhat.com/errata/RHSA-2023:0195
reference_id	RHSA-2023:0195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0195

reference_url	https://access.redhat.com/errata/RHSA-2023:0196
reference_id	RHSA-2023:0196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0196

reference_url	https://access.redhat.com/errata/RHSA-2023:0197
reference_id	RHSA-2023:0197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0197

reference_url	https://access.redhat.com/errata/RHSA-2023:0198
reference_id	RHSA-2023:0198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0198

reference_url	https://access.redhat.com/errata/RHSA-2023:0199
reference_id	RHSA-2023:0199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0199

reference_url	https://access.redhat.com/errata/RHSA-2023:0200
reference_id	RHSA-2023:0200
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0200

reference_url	https://access.redhat.com/errata/RHSA-2023:0201
reference_id	RHSA-2023:0201
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0201

reference_url	https://access.redhat.com/errata/RHSA-2023:0202
reference_id	RHSA-2023:0202
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0202

reference_url	https://access.redhat.com/errata/RHSA-2023:0352
reference_id	RHSA-2023:0352
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0352

reference_url	https://access.redhat.com/errata/RHSA-2023:0353
reference_id	RHSA-2023:0353
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0353

reference_url	https://access.redhat.com/errata/RHSA-2023:0388
reference_id	RHSA-2023:0388
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0388

reference_url	https://access.redhat.com/errata/RHSA-2023:0389
reference_id	RHSA-2023:0389
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0389

reference_url	https://usn.ubuntu.com/5897-1/
reference_id	USN-5897-1
reference_type
scores
url	https://usn.ubuntu.com/5897-1/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2023-21835

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dpq1-6qrj-1ydk

url VCID-dtbp-teb1-83cn

vulnerability_id VCID-dtbp-teb1-83cn

summary The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.

references

reference_url

http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34169

reference_id

reference_type

scores

value	0.10953
scoring_system	epss
scoring_elements	0.93558
published_at	2026-06-06T12:55:00Z

value	0.10953
scoring_system	epss
scoring_elements	0.93547
published_at	2026-06-04T12:55:00Z

value	0.10953
scoring_system	epss
scoring_elements	0.93556
published_at	2026-06-07T12:55:00Z

value	0.10953
scoring_system	epss
scoring_elements	0.93555
published_at	2026-06-08T12:55:00Z

value	0.10953
scoring_system	epss
scoring_elements	0.93563
published_at	2026-06-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34169

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://gitbox.apache.org/repos/asf?p=xalan-java.git

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://gitbox.apache.org/repos/asf?p=xalan-java.git

reference_url

https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81

reference_url

https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573

reference_url

https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21

reference_url

https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw

reference_url

https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8

reference_url

https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471

reference_url

https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-34169

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-34169

reference_url

https://security.gentoo.org/glsa/202401-25

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://security.gentoo.org/glsa/202401-25

reference_url

https://security.netapp.com/advisory/ntap-20220729-0009

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220729-0009

reference_url

https://security.netapp.com/advisory/ntap-20240621-0006

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240621-0006

reference_url

https://www.debian.org/security/2022/dsa-5188

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://www.debian.org/security/2022/dsa-5188

reference_url

https://www.debian.org/security/2022/dsa-5192

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://www.debian.org/security/2022/dsa-5192

reference_url

https://www.debian.org/security/2022/dsa-5256

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://www.debian.org/security/2022/dsa-5256

reference_url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://www.oracle.com/security-alerts/cpujul2022.html

reference_url

https://xalan.apache.org

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://xalan.apache.org

reference_url

http://www.openwall.com/lists/oss-security/2022/07/19/5

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

http://www.openwall.com/lists/oss-security/2022/07/19/5

reference_url

http://www.openwall.com/lists/oss-security/2022/07/19/6

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

http://www.openwall.com/lists/oss-security/2022/07/19/6

reference_url

http://www.openwall.com/lists/oss-security/2022/07/20/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

http://www.openwall.com/lists/oss-security/2022/07/20/2

reference_url

http://www.openwall.com/lists/oss-security/2022/07/20/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

http://www.openwall.com/lists/oss-security/2022/07/20/3

reference_url

http://www.openwall.com/lists/oss-security/2022/10/18/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

http://www.openwall.com/lists/oss-security/2022/10/18/2

reference_url

http://www.openwall.com/lists/oss-security/2022/11/04/8

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

http://www.openwall.com/lists/oss-security/2022/11/04/8

reference_url

http://www.openwall.com/lists/oss-security/2022/11/07/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

http://www.openwall.com/lists/oss-security/2022/11/07/2

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860
reference_id	1015860
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2108554
reference_id	2108554
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2108554

reference_url

https://github.com/advisories/GHSA-9339-86wc-4qgf

reference_id

GHSA-9339-86wc-4qgf

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9339-86wc-4qgf

reference_url	https://security.gentoo.org/glsa/202405-16
reference_id	GLSA-202405-16
reference_type
scores
url	https://security.gentoo.org/glsa/202405-16

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/

reference_id

H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/

reference_id

I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/

reference_id

JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/

reference_id

KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/

reference_id

L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/

reference_url

https://security.netapp.com/advisory/ntap-20220729-0009/

reference_id

ntap-20220729-0009

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://security.netapp.com/advisory/ntap-20220729-0009/

reference_url

https://security.netapp.com/advisory/ntap-20240621-0006/

reference_id

ntap-20240621-0006

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://security.netapp.com/advisory/ntap-20240621-0006/

reference_url	https://access.redhat.com/errata/RHSA-2022:5681
reference_id	RHSA-2022:5681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5681

reference_url	https://access.redhat.com/errata/RHSA-2022:5683
reference_id	RHSA-2022:5683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5683

reference_url	https://access.redhat.com/errata/RHSA-2022:5684
reference_id	RHSA-2022:5684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5684

reference_url	https://access.redhat.com/errata/RHSA-2022:5685
reference_id	RHSA-2022:5685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5685

reference_url	https://access.redhat.com/errata/RHSA-2022:5687
reference_id	RHSA-2022:5687
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5687

reference_url	https://access.redhat.com/errata/RHSA-2022:5695
reference_id	RHSA-2022:5695
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5695

reference_url	https://access.redhat.com/errata/RHSA-2022:5696
reference_id	RHSA-2022:5696
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5696

reference_url	https://access.redhat.com/errata/RHSA-2022:5697
reference_id	RHSA-2022:5697
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5697

reference_url	https://access.redhat.com/errata/RHSA-2022:5698
reference_id	RHSA-2022:5698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5698

reference_url	https://access.redhat.com/errata/RHSA-2022:5700
reference_id	RHSA-2022:5700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5700

reference_url	https://access.redhat.com/errata/RHSA-2022:5701
reference_id	RHSA-2022:5701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5701

reference_url	https://access.redhat.com/errata/RHSA-2022:5709
reference_id	RHSA-2022:5709
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5709

reference_url	https://access.redhat.com/errata/RHSA-2022:5726
reference_id	RHSA-2022:5726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5726

reference_url	https://access.redhat.com/errata/RHSA-2022:5736
reference_id	RHSA-2022:5736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5736

reference_url	https://access.redhat.com/errata/RHSA-2022:5753
reference_id	RHSA-2022:5753
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5753

reference_url	https://access.redhat.com/errata/RHSA-2022:5754
reference_id	RHSA-2022:5754
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5754

reference_url	https://access.redhat.com/errata/RHSA-2022:5755
reference_id	RHSA-2022:5755
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5755

reference_url	https://access.redhat.com/errata/RHSA-2022:5756
reference_id	RHSA-2022:5756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5756

reference_url	https://access.redhat.com/errata/RHSA-2022:5757
reference_id	RHSA-2022:5757
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5757

reference_url	https://access.redhat.com/errata/RHSA-2022:5758
reference_id	RHSA-2022:5758
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5758

reference_url	https://access.redhat.com/errata/RHSA-2024:3708
reference_id	RHSA-2024:3708
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3708

reference_url	https://usn.ubuntu.com/5546-1/
reference_id	USN-5546-1
reference_type
scores
url	https://usn.ubuntu.com/5546-1/

reference_url	https://usn.ubuntu.com/5546-2/
reference_id	USN-5546-2
reference_type
scores
url	https://usn.ubuntu.com/5546-2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/

reference_id

YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:24:49Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2022-34169, GHSA-9339-86wc-4qgf

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dtbp-teb1-83cn

url VCID-f2f4-z1sv-fqcn

vulnerability_id VCID-f2f4-z1sv-fqcn

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21628.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21628.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21628

reference_id

reference_type

scores

value	0.00203
scoring_system	epss
scoring_elements	0.42293
published_at	2026-06-04T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42329
published_at	2026-06-09T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42369
published_at	2026-06-05T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.4238
published_at	2026-06-06T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42354
published_at	2026-06-07T12:55:00Z

value	0.00203
scoring_system	epss
scoring_elements	0.42319
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2133769
reference_id	2133769
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2133769

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/

reference_id

37QDWJBGEPP65X43NXQTXQ7KASLUHON6

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/

reference_id

3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/

reference_id

3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/

reference_id

EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/

reference_url	https://security.gentoo.org/glsa/202409-26
reference_id	GLSA-202409-26
reference_type
scores
url	https://security.gentoo.org/glsa/202409-26

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/

reference_id

HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/

reference_url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_id

ntap-20221028-0012

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/

url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/

reference_id

PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/

reference_url	https://access.redhat.com/errata/RHSA-2022:6999
reference_id	RHSA-2022:6999
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6999

reference_url	https://access.redhat.com/errata/RHSA-2022:7000
reference_id	RHSA-2022:7000
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7000

reference_url	https://access.redhat.com/errata/RHSA-2022:7001
reference_id	RHSA-2022:7001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7001

reference_url	https://access.redhat.com/errata/RHSA-2022:7002
reference_id	RHSA-2022:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7002

reference_url	https://access.redhat.com/errata/RHSA-2022:7003
reference_id	RHSA-2022:7003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7003

reference_url	https://access.redhat.com/errata/RHSA-2022:7004
reference_id	RHSA-2022:7004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7004

reference_url	https://access.redhat.com/errata/RHSA-2022:7005
reference_id	RHSA-2022:7005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7005

reference_url	https://access.redhat.com/errata/RHSA-2022:7006
reference_id	RHSA-2022:7006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7006

reference_url	https://access.redhat.com/errata/RHSA-2022:7007
reference_id	RHSA-2022:7007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7007

reference_url	https://access.redhat.com/errata/RHSA-2022:7008
reference_id	RHSA-2022:7008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7008

reference_url	https://access.redhat.com/errata/RHSA-2022:7009
reference_id	RHSA-2022:7009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7009

reference_url	https://access.redhat.com/errata/RHSA-2022:7010
reference_id	RHSA-2022:7010
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7010

reference_url	https://access.redhat.com/errata/RHSA-2022:7011
reference_id	RHSA-2022:7011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7011

reference_url	https://access.redhat.com/errata/RHSA-2022:7012
reference_id	RHSA-2022:7012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7012

reference_url	https://access.redhat.com/errata/RHSA-2022:7013
reference_id	RHSA-2022:7013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7013

reference_url	https://access.redhat.com/errata/RHSA-2022:7049
reference_id	RHSA-2022:7049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7049

reference_url	https://access.redhat.com/errata/RHSA-2022:7050
reference_id	RHSA-2022:7050
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7050

reference_url	https://access.redhat.com/errata/RHSA-2022:7051
reference_id	RHSA-2022:7051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7051

reference_url	https://access.redhat.com/errata/RHSA-2022:7052
reference_id	RHSA-2022:7052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7052

reference_url	https://access.redhat.com/errata/RHSA-2022:7053
reference_id	RHSA-2022:7053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7053

reference_url	https://access.redhat.com/errata/RHSA-2022:7054
reference_id	RHSA-2022:7054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7054

reference_url	https://access.redhat.com/errata/RHSA-2022:8880
reference_id	RHSA-2022:8880
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8880

reference_url	https://access.redhat.com/errata/RHSA-2023:0128
reference_id	RHSA-2023:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0128

reference_url	https://usn.ubuntu.com/5719-1/
reference_id	USN-5719-1
reference_type
scores
url	https://usn.ubuntu.com/5719-1/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2022-21628

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f2f4-z1sv-fqcn

url VCID-gn2w-qhhs-gfea

vulnerability_id VCID-gn2w-qhhs-gfea

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21619.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21619.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21619

reference_id

reference_type

scores

value	0.00199
scoring_system	epss
scoring_elements	0.41906
published_at	2026-06-04T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41936
published_at	2026-06-09T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41981
published_at	2026-06-05T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41992
published_at	2026-06-06T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41963
published_at	2026-06-07T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41927
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2133745
reference_id	2133745
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2133745

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/

reference_id

37QDWJBGEPP65X43NXQTXQ7KASLUHON6

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/

reference_id

3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/

reference_id

3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/

reference_id

EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/

reference_url	https://security.gentoo.org/glsa/202409-26
reference_id	GLSA-202409-26
reference_type
scores
url	https://security.gentoo.org/glsa/202409-26

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/

reference_id

HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/

reference_url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_id

ntap-20221028-0012

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:54Z/

url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/

reference_id

PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:54Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/

reference_url	https://access.redhat.com/errata/RHSA-2022:6999
reference_id	RHSA-2022:6999
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6999

reference_url	https://access.redhat.com/errata/RHSA-2022:7000
reference_id	RHSA-2022:7000
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7000

reference_url	https://access.redhat.com/errata/RHSA-2022:7001
reference_id	RHSA-2022:7001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7001

reference_url	https://access.redhat.com/errata/RHSA-2022:7002
reference_id	RHSA-2022:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7002

reference_url	https://access.redhat.com/errata/RHSA-2022:7003
reference_id	RHSA-2022:7003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7003

reference_url	https://access.redhat.com/errata/RHSA-2022:7004
reference_id	RHSA-2022:7004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7004

reference_url	https://access.redhat.com/errata/RHSA-2022:7005
reference_id	RHSA-2022:7005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7005

reference_url	https://access.redhat.com/errata/RHSA-2022:7006
reference_id	RHSA-2022:7006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7006

reference_url	https://access.redhat.com/errata/RHSA-2022:7007
reference_id	RHSA-2022:7007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7007

reference_url	https://access.redhat.com/errata/RHSA-2022:7008
reference_id	RHSA-2022:7008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7008

reference_url	https://access.redhat.com/errata/RHSA-2022:7009
reference_id	RHSA-2022:7009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7009

reference_url	https://access.redhat.com/errata/RHSA-2022:7010
reference_id	RHSA-2022:7010
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7010

reference_url	https://access.redhat.com/errata/RHSA-2022:7011
reference_id	RHSA-2022:7011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7011

reference_url	https://access.redhat.com/errata/RHSA-2022:7012
reference_id	RHSA-2022:7012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7012

reference_url	https://access.redhat.com/errata/RHSA-2022:7013
reference_id	RHSA-2022:7013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7013

reference_url	https://access.redhat.com/errata/RHSA-2022:7049
reference_id	RHSA-2022:7049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7049

reference_url	https://access.redhat.com/errata/RHSA-2022:7050
reference_id	RHSA-2022:7050
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7050

reference_url	https://access.redhat.com/errata/RHSA-2022:7051
reference_id	RHSA-2022:7051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7051

reference_url	https://access.redhat.com/errata/RHSA-2022:7052
reference_id	RHSA-2022:7052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7052

reference_url	https://access.redhat.com/errata/RHSA-2022:7053
reference_id	RHSA-2022:7053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7053

reference_url	https://access.redhat.com/errata/RHSA-2022:7054
reference_id	RHSA-2022:7054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7054

reference_url	https://access.redhat.com/errata/RHSA-2022:8880
reference_id	RHSA-2022:8880
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8880

reference_url	https://access.redhat.com/errata/RHSA-2023:0128
reference_id	RHSA-2023:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0128

reference_url	https://usn.ubuntu.com/5719-1/
reference_id	USN-5719-1
reference_type
scores
url	https://usn.ubuntu.com/5719-1/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2022-21619

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gn2w-qhhs-gfea

url VCID-qnxp-j5um-xkac

vulnerability_id VCID-qnxp-j5um-xkac

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21540

reference_id

reference_type

scores

value	0.00438
scoring_system	epss
scoring_elements	0.63432
published_at	2026-06-04T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.6348
published_at	2026-06-09T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63474
published_at	2026-06-05T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63482
published_at	2026-06-06T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63473
published_at	2026-06-07T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63461
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2108540
reference_id	2108540
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2108540

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/

reference_id

H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T15:22:44Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/

reference_id

I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T15:22:44Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/

reference_id

JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T15:22:44Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/

reference_id

KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T15:22:44Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/

reference_id

L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T15:22:44Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/

reference_url

https://security.netapp.com/advisory/ntap-20220729-0009/

reference_id

ntap-20220729-0009

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T15:22:44Z/

url

https://security.netapp.com/advisory/ntap-20220729-0009/

reference_url	https://access.redhat.com/errata/RHSA-2022:5681
reference_id	RHSA-2022:5681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5681

reference_url	https://access.redhat.com/errata/RHSA-2022:5683
reference_id	RHSA-2022:5683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5683

reference_url	https://access.redhat.com/errata/RHSA-2022:5684
reference_id	RHSA-2022:5684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5684

reference_url	https://access.redhat.com/errata/RHSA-2022:5685
reference_id	RHSA-2022:5685
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5685

reference_url	https://access.redhat.com/errata/RHSA-2022:5687
reference_id	RHSA-2022:5687
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5687

reference_url	https://access.redhat.com/errata/RHSA-2022:5695
reference_id	RHSA-2022:5695
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5695

reference_url	https://access.redhat.com/errata/RHSA-2022:5696
reference_id	RHSA-2022:5696
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5696

reference_url	https://access.redhat.com/errata/RHSA-2022:5697
reference_id	RHSA-2022:5697
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5697

reference_url	https://access.redhat.com/errata/RHSA-2022:5698
reference_id	RHSA-2022:5698
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5698

reference_url	https://access.redhat.com/errata/RHSA-2022:5700
reference_id	RHSA-2022:5700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5700

reference_url	https://access.redhat.com/errata/RHSA-2022:5701
reference_id	RHSA-2022:5701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5701

reference_url	https://access.redhat.com/errata/RHSA-2022:5709
reference_id	RHSA-2022:5709
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5709

reference_url	https://access.redhat.com/errata/RHSA-2022:5726
reference_id	RHSA-2022:5726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5726

reference_url	https://access.redhat.com/errata/RHSA-2022:5736
reference_id	RHSA-2022:5736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5736

reference_url	https://access.redhat.com/errata/RHSA-2022:5753
reference_id	RHSA-2022:5753
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5753

reference_url	https://access.redhat.com/errata/RHSA-2022:5754
reference_id	RHSA-2022:5754
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5754

reference_url	https://access.redhat.com/errata/RHSA-2022:5755
reference_id	RHSA-2022:5755
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5755

reference_url	https://access.redhat.com/errata/RHSA-2022:5756
reference_id	RHSA-2022:5756
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5756

reference_url	https://access.redhat.com/errata/RHSA-2022:5757
reference_id	RHSA-2022:5757
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5757

reference_url	https://access.redhat.com/errata/RHSA-2022:5758
reference_id	RHSA-2022:5758
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5758

reference_url	https://usn.ubuntu.com/5546-1/
reference_id	USN-5546-1
reference_type
scores
url	https://usn.ubuntu.com/5546-1/

reference_url	https://usn.ubuntu.com/5546-2/
reference_id	USN-5546-2
reference_type
scores
url	https://usn.ubuntu.com/5546-2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/

reference_id

YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-15T15:22:44Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2022-21540

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qnxp-j5um-xkac

url VCID-rxw3-h85j-37aw

vulnerability_id VCID-rxw3-h85j-37aw

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21626.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21626.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21626

reference_id

reference_type

scores

value	0.00146
scoring_system	epss
scoring_elements	0.34665
published_at	2026-06-04T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.34731
published_at	2026-06-09T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.34762
published_at	2026-06-05T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.34778
published_at	2026-06-06T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.34743
published_at	2026-06-07T12:55:00Z

value	0.00146
scoring_system	epss
scoring_elements	0.34708
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2133753
reference_id	2133753
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2133753

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/

reference_id

3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:47Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/

reference_id

3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:47Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/

reference_url	https://security.gentoo.org/glsa/202409-26
reference_id	GLSA-202409-26
reference_type
scores
url	https://security.gentoo.org/glsa/202409-26

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/

reference_id

HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:47Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/

reference_url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_id

ntap-20221028-0012

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:47Z/

url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/

reference_id

PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-20T16:08:47Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/

reference_url	https://access.redhat.com/errata/RHSA-2022:6999
reference_id	RHSA-2022:6999
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6999

reference_url	https://access.redhat.com/errata/RHSA-2022:7000
reference_id	RHSA-2022:7000
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7000

reference_url	https://access.redhat.com/errata/RHSA-2022:7001
reference_id	RHSA-2022:7001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7001

reference_url	https://access.redhat.com/errata/RHSA-2022:7002
reference_id	RHSA-2022:7002
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7002

reference_url	https://access.redhat.com/errata/RHSA-2022:7003
reference_id	RHSA-2022:7003
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7003

reference_url	https://access.redhat.com/errata/RHSA-2022:7004
reference_id	RHSA-2022:7004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7004

reference_url	https://access.redhat.com/errata/RHSA-2022:7005
reference_id	RHSA-2022:7005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7005

reference_url	https://access.redhat.com/errata/RHSA-2022:7006
reference_id	RHSA-2022:7006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7006

reference_url	https://access.redhat.com/errata/RHSA-2022:7007
reference_id	RHSA-2022:7007
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7007

reference_url	https://access.redhat.com/errata/RHSA-2022:7008
reference_id	RHSA-2022:7008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7008

reference_url	https://access.redhat.com/errata/RHSA-2022:7009
reference_id	RHSA-2022:7009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7009

reference_url	https://access.redhat.com/errata/RHSA-2022:7010
reference_id	RHSA-2022:7010
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7010

reference_url	https://access.redhat.com/errata/RHSA-2022:7011
reference_id	RHSA-2022:7011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7011

reference_url	https://access.redhat.com/errata/RHSA-2022:7012
reference_id	RHSA-2022:7012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7012

reference_url	https://access.redhat.com/errata/RHSA-2022:7013
reference_id	RHSA-2022:7013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7013

reference_url	https://access.redhat.com/errata/RHSA-2022:7049
reference_id	RHSA-2022:7049
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7049

reference_url	https://access.redhat.com/errata/RHSA-2022:7050
reference_id	RHSA-2022:7050
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7050

reference_url	https://access.redhat.com/errata/RHSA-2022:7051
reference_id	RHSA-2022:7051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7051

reference_url	https://access.redhat.com/errata/RHSA-2022:7052
reference_id	RHSA-2022:7052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7052

reference_url	https://access.redhat.com/errata/RHSA-2022:7053
reference_id	RHSA-2022:7053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7053

reference_url	https://access.redhat.com/errata/RHSA-2022:7054
reference_id	RHSA-2022:7054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7054

reference_url	https://access.redhat.com/errata/RHSA-2022:8880
reference_id	RHSA-2022:8880
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8880

reference_url	https://access.redhat.com/errata/RHSA-2023:0128
reference_id	RHSA-2023:0128
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0128

reference_url	https://usn.ubuntu.com/5719-1/
reference_id	USN-5719-1
reference_type
scores
url	https://usn.ubuntu.com/5719-1/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2022-21626

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rxw3-h85j-37aw

url VCID-s8j6-csxj-qbbm

vulnerability_id VCID-s8j6-csxj-qbbm

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.3.1; Oracle GraalVM Enterprise Edition: 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21549.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21549.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-21549

reference_id

reference_type

scores

value	0.00248
scoring_system	epss
scoring_elements	0.48267
published_at	2026-06-04T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48299
published_at	2026-06-09T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.4833
published_at	2026-06-05T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48333
published_at	2026-06-06T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48315
published_at	2026-06-07T12:55:00Z

value	0.00248
scoring_system	epss
scoring_elements	0.48287
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-21549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2108547
reference_id	2108547
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2108547

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQICCJXXAYMCCXOO24R4W7Q3RSKCYDMX/

reference_id

NQICCJXXAYMCCXOO24R4W7Q3RSKCYDMX

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:03:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQICCJXXAYMCCXOO24R4W7Q3RSKCYDMX/

reference_url

https://security.netapp.com/advisory/ntap-20220729-0009/

reference_id

ntap-20220729-0009

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:03:17Z/

url

https://security.netapp.com/advisory/ntap-20220729-0009/

reference_url	https://access.redhat.com/errata/RHSA-2022:5726
reference_id	RHSA-2022:5726
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5726

reference_url	https://access.redhat.com/errata/RHSA-2022:5736
reference_id	RHSA-2022:5736
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5736

reference_url	https://access.redhat.com/errata/RHSA-2022:5757
reference_id	RHSA-2022:5757
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5757

reference_url	https://access.redhat.com/errata/RHSA-2022:5758
reference_id	RHSA-2022:5758
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5758

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKJCLA2GDNF4B7ZRKORQ2TIR56AHJ4VC/

reference_id

UKJCLA2GDNF4B7ZRKORQ2TIR56AHJ4VC

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-27T15:03:17Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKJCLA2GDNF4B7ZRKORQ2TIR56AHJ4VC/

reference_url	https://usn.ubuntu.com/5546-1/
reference_id	USN-5546-1
reference_type
scores
url	https://usn.ubuntu.com/5546-1/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2022-21549

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s8j6-csxj-qbbm

url VCID-sk37-j8k1-yyh3

vulnerability_id VCID-sk37-j8k1-yyh3

summary Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllable data to those APIs, giving the attacker more control over the resulting bytecode than otherwise expected. Update to Apache Commons BCEL 6.6.0.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42920.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-42920.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-42920

reference_id

reference_type

scores

value	0.03797
scoring_system	epss
scoring_elements	0.88326
published_at	2026-06-09T12:55:00Z

value	0.03797
scoring_system	epss
scoring_elements	0.88289
published_at	2026-06-04T12:55:00Z

value	0.03797
scoring_system	epss
scoring_elements	0.88308
published_at	2026-06-05T12:55:00Z

value	0.03797
scoring_system	epss
scoring_elements	0.8831
published_at	2026-06-07T12:55:00Z

value	0.03797
scoring_system	epss
scoring_elements	0.88311
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-42920

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42920
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42920

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/commons-bcel

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/commons-bcel

reference_url

https://github.com/apache/commons-bcel/pull/147

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/commons-bcel/pull/147

reference_url

https://issues.apache.org/jira/browse/BCEL-363

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/BCEL-363

reference_url

https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread/lfxk7q8qmnh5bt9jm6nmjlv5hsxjhrz4

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LX3HEB4TV2BVCGDTK5BCLSYOZNQTOBN4/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QAMRHAKGIKZNHRBB4VLYTOIOIMMXCUCD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ

reference_url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMVX6COVXZVS5GPWDODIRW6Z2GE7RPAQ/

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-42920

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-42920

reference_url

https://security.gentoo.org/glsa/202401-25

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/202401-25

reference_url

http://www.openwall.com/lists/oss-security/2022/11/07/2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2022/11/07/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2142707
reference_id	2142707
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2142707

reference_url

https://github.com/advisories/GHSA-97xg-phpr-rg8q

reference_id

GHSA-97xg-phpr-rg8q

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-97xg-phpr-rg8q

reference_url	https://security.gentoo.org/glsa/202405-16
reference_id	GLSA-202405-16
reference_type
scores
url	https://security.gentoo.org/glsa/202405-16

reference_url	https://access.redhat.com/errata/RHSA-2022:8958
reference_id	RHSA-2022:8958
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8958

reference_url	https://access.redhat.com/errata/RHSA-2022:8959
reference_id	RHSA-2022:8959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:8959

reference_url	https://access.redhat.com/errata/RHSA-2023:0004
reference_id	RHSA-2023:0004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0004

reference_url	https://access.redhat.com/errata/RHSA-2023:0005
reference_id	RHSA-2023:0005
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0005

reference_url	https://access.redhat.com/errata/RHSA-2023:0470
reference_id	RHSA-2023:0470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0470

reference_url	https://access.redhat.com/errata/RHSA-2023:0471
reference_id	RHSA-2023:0471
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0471

reference_url	https://access.redhat.com/errata/RHSA-2023:0934
reference_id	RHSA-2023:0934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0934

reference_url	https://access.redhat.com/errata/RHSA-2023:4983
reference_id	RHSA-2023:4983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4983

reference_url	https://usn.ubuntu.com/7208-1/
reference_id	USN-7208-1
reference_type
scores
url	https://usn.ubuntu.com/7208-1/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2022-42920, GHSA-97xg-phpr-rg8q

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sk37-j8k1-yyh3

url VCID-x1kg-b1un-xkfm

vulnerability_id VCID-x1kg-b1un-xkfm

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-21843

reference_id

reference_type

scores

value	0.00104
scoring_system	epss
scoring_elements	0.27812
published_at	2026-06-09T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.27854
published_at	2026-06-07T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.27805
published_at	2026-06-08T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29052
published_at	2026-06-05T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29018
published_at	2026-06-06T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.28983
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-21843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2160475
reference_id	2160475
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2160475

reference_url	https://security.gentoo.org/glsa/202409-26
reference_id	GLSA-202409-26
reference_type
scores
url	https://security.gentoo.org/glsa/202409-26

reference_url	https://access.redhat.com/errata/RHSA-2023:0190
reference_id	RHSA-2023:0190
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0190

reference_url	https://access.redhat.com/errata/RHSA-2023:0191
reference_id	RHSA-2023:0191
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0191

reference_url	https://access.redhat.com/errata/RHSA-2023:0192
reference_id	RHSA-2023:0192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0192

reference_url	https://access.redhat.com/errata/RHSA-2023:0193
reference_id	RHSA-2023:0193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0193

reference_url	https://access.redhat.com/errata/RHSA-2023:0194
reference_id	RHSA-2023:0194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0194

reference_url	https://access.redhat.com/errata/RHSA-2023:0195
reference_id	RHSA-2023:0195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0195

reference_url	https://access.redhat.com/errata/RHSA-2023:0196
reference_id	RHSA-2023:0196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0196

reference_url	https://access.redhat.com/errata/RHSA-2023:0197
reference_id	RHSA-2023:0197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0197

reference_url	https://access.redhat.com/errata/RHSA-2023:0198
reference_id	RHSA-2023:0198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0198

reference_url	https://access.redhat.com/errata/RHSA-2023:0199
reference_id	RHSA-2023:0199
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0199

reference_url	https://access.redhat.com/errata/RHSA-2023:0200
reference_id	RHSA-2023:0200
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0200

reference_url	https://access.redhat.com/errata/RHSA-2023:0201
reference_id	RHSA-2023:0201
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0201

reference_url	https://access.redhat.com/errata/RHSA-2023:0202
reference_id	RHSA-2023:0202
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0202

reference_url	https://access.redhat.com/errata/RHSA-2023:0203
reference_id	RHSA-2023:0203
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0203

reference_url	https://access.redhat.com/errata/RHSA-2023:0204
reference_id	RHSA-2023:0204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0204

reference_url	https://access.redhat.com/errata/RHSA-2023:0205
reference_id	RHSA-2023:0205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0205

reference_url	https://access.redhat.com/errata/RHSA-2023:0206
reference_id	RHSA-2023:0206
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0206

reference_url	https://access.redhat.com/errata/RHSA-2023:0207
reference_id	RHSA-2023:0207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0207

reference_url	https://access.redhat.com/errata/RHSA-2023:0208
reference_id	RHSA-2023:0208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0208

reference_url	https://access.redhat.com/errata/RHSA-2023:0209
reference_id	RHSA-2023:0209
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0209

reference_url	https://access.redhat.com/errata/RHSA-2023:0210
reference_id	RHSA-2023:0210
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0210

reference_url	https://access.redhat.com/errata/RHSA-2023:0352
reference_id	RHSA-2023:0352
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0352

reference_url	https://access.redhat.com/errata/RHSA-2023:0353
reference_id	RHSA-2023:0353
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0353

reference_url	https://access.redhat.com/errata/RHSA-2023:0354
reference_id	RHSA-2023:0354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0354

reference_url	https://access.redhat.com/errata/RHSA-2023:0387
reference_id	RHSA-2023:0387
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0387

reference_url	https://access.redhat.com/errata/RHSA-2023:0388
reference_id	RHSA-2023:0388
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0388

reference_url	https://access.redhat.com/errata/RHSA-2023:0389
reference_id	RHSA-2023:0389
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0389

reference_url	https://access.redhat.com/errata/RHSA-2023:3136
reference_id	RHSA-2023:3136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3136

reference_url	https://usn.ubuntu.com/5897-1/
reference_id	USN-5897-1
reference_type
scores
url	https://usn.ubuntu.com/5897-1/

reference_url	https://usn.ubuntu.com/5898-1/
reference_id	USN-5898-1
reference_type
scores
url	https://usn.ubuntu.com/5898-1/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2023-21843

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x1kg-b1un-xkfm

url VCID-xzgt-fz3r-tufu

vulnerability_id VCID-xzgt-fz3r-tufu

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21830.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21830.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-21830

reference_id

reference_type

scores

value	0.00127
scoring_system	epss
scoring_elements	0.31502
published_at	2026-06-09T12:55:00Z

value	0.00127
scoring_system	epss
scoring_elements	0.31509
published_at	2026-06-07T12:55:00Z

value	0.00127
scoring_system	epss
scoring_elements	0.31477
published_at	2026-06-08T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33105
published_at	2026-06-06T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.32988
published_at	2026-06-04T12:55:00Z

value	0.00135
scoring_system	epss
scoring_elements	0.33092
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-21830

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2160490
reference_id	2160490
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2160490

reference_url

https://www.oracle.com/security-alerts/cpujul2023.html

reference_id

cpujul2023.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T22:10:55Z/

url

https://www.oracle.com/security-alerts/cpujul2023.html

reference_url	https://security.gentoo.org/glsa/202409-26
reference_id	GLSA-202409-26
reference_type
scores
url	https://security.gentoo.org/glsa/202409-26

reference_url	https://access.redhat.com/errata/RHSA-2023:0203
reference_id	RHSA-2023:0203
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0203

reference_url	https://access.redhat.com/errata/RHSA-2023:0204
reference_id	RHSA-2023:0204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0204

reference_url	https://access.redhat.com/errata/RHSA-2023:0205
reference_id	RHSA-2023:0205
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0205

reference_url	https://access.redhat.com/errata/RHSA-2023:0206
reference_id	RHSA-2023:0206
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0206

reference_url	https://access.redhat.com/errata/RHSA-2023:0207
reference_id	RHSA-2023:0207
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0207

reference_url	https://access.redhat.com/errata/RHSA-2023:0208
reference_id	RHSA-2023:0208
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0208

reference_url	https://access.redhat.com/errata/RHSA-2023:0209
reference_id	RHSA-2023:0209
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0209

reference_url	https://access.redhat.com/errata/RHSA-2023:0210
reference_id	RHSA-2023:0210
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0210

reference_url	https://access.redhat.com/errata/RHSA-2023:0354
reference_id	RHSA-2023:0354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0354

reference_url	https://access.redhat.com/errata/RHSA-2023:0387
reference_id	RHSA-2023:0387
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:0387

reference_url	https://access.redhat.com/errata/RHSA-2023:3136
reference_id	RHSA-2023:3136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3136

reference_url	https://usn.ubuntu.com/5898-1/
reference_id	USN-5898-1
reference_type
scores
url	https://usn.ubuntu.com/5898-1/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2023-21830

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xzgt-fz3r-tufu

url VCID-ytpy-r3q9-qbc9

vulnerability_id VCID-ytpy-r3q9-qbc9

summary Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39399.json

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39399.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-39399

reference_id

reference_type

scores

value	0.00215
scoring_system	epss
scoring_elements	0.44059
published_at	2026-06-04T12:55:00Z

value	0.00215
scoring_system	epss
scoring_elements	0.44087
published_at	2026-06-09T12:55:00Z

value	0.00215
scoring_system	epss
scoring_elements	0.44128
published_at	2026-06-05T12:55:00Z

value	0.00215
scoring_system	epss
scoring_elements	0.44136
published_at	2026-06-06T12:55:00Z

value	0.00215
scoring_system	epss
scoring_elements	0.44112
published_at	2026-06-07T12:55:00Z

value	0.00215
scoring_system	epss
scoring_elements	0.44076
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-39399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2133776
reference_id	2133776
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2133776

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/

reference_id

37QDWJBGEPP65X43NXQTXQ7KASLUHON6

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-17T17:04:36Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/

reference_id

EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-17T17:04:36Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/

reference_url	https://security.gentoo.org/glsa/202409-26
reference_id	GLSA-202409-26
reference_type
scores
url	https://security.gentoo.org/glsa/202409-26

reference_url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_id

ntap-20221028-0012

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-17T17:04:36Z/

url

https://security.netapp.com/advisory/ntap-20221028-0012/

reference_url	https://access.redhat.com/errata/RHSA-2022:6999
reference_id	RHSA-2022:6999
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6999

reference_url	https://access.redhat.com/errata/RHSA-2022:7000
reference_id	RHSA-2022:7000
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7000

reference_url	https://access.redhat.com/errata/RHSA-2022:7001
reference_id	RHSA-2022:7001
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7001

reference_url	https://access.redhat.com/errata/RHSA-2022:7008
reference_id	RHSA-2022:7008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7008

reference_url	https://access.redhat.com/errata/RHSA-2022:7009
reference_id	RHSA-2022:7009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7009

reference_url	https://access.redhat.com/errata/RHSA-2022:7010
reference_id	RHSA-2022:7010
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7010

reference_url	https://access.redhat.com/errata/RHSA-2022:7011
reference_id	RHSA-2022:7011
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7011

reference_url	https://access.redhat.com/errata/RHSA-2022:7012
reference_id	RHSA-2022:7012
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7012

reference_url	https://access.redhat.com/errata/RHSA-2022:7013
reference_id	RHSA-2022:7013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7013

reference_url	https://access.redhat.com/errata/RHSA-2022:7051
reference_id	RHSA-2022:7051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7051

reference_url	https://access.redhat.com/errata/RHSA-2022:7052
reference_id	RHSA-2022:7052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7052

reference_url	https://access.redhat.com/errata/RHSA-2022:7053
reference_id	RHSA-2022:7053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7053

reference_url	https://access.redhat.com/errata/RHSA-2022:7054
reference_id	RHSA-2022:7054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7054

reference_url	https://usn.ubuntu.com/5719-1/
reference_id	USN-5719-1
reference_type
scores
url	https://usn.ubuntu.com/5719-1/

fixed_packages

url	pkg:ebuild/dev-java/openjdk@8.372_p07
purl	pkg:ebuild/dev-java/openjdk@8.372_p07
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

url	pkg:ebuild/dev-java/openjdk@11.0.19_p7
purl	pkg:ebuild/dev-java/openjdk@11.0.19_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@11.0.19_p7

url	pkg:ebuild/dev-java/openjdk@17.0.7_p7
purl	pkg:ebuild/dev-java/openjdk@17.0.7_p7
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@17.0.7_p7

aliases CVE-2022-39399

risk_score 1.6

exploitability 0.5

weighted_severity 3.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ytpy-r3q9-qbc9

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/openjdk@8.372_p07

Package Instance