{"url":"http://public2.vulnerablecode.io/api/packages/563339?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.23&reponame=community","type":"apk","namespace":"alpine","name":"openjdk17","version":"17.0.10_p7-r0","qualifiers":{"arch":"s390x","distroversion":"v3.23","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"17.0.11_p9-r0","latest_non_vulnerable_version":"17.0.18_p8-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31977?format=json","vulnerability_id":"VCID-8cup-qnc8-wudx","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20952","reference_id":"","reference_type":"","scores":[{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55352","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55466","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55503","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55506","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55485","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55409","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55429","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55402","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55441","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55465","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55444","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55495","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55505","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55483","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257837","reference_id":"2257837","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257837"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/563339?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-20952"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8cup-qnc8-wudx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31975?format=json","vulnerability_id":"VCID-d6gm-thtx-bqb7","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20932","reference_id":"","reference_type":"","scores":[{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32153","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32291","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.3842","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38237","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38262","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.3856","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38584","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38447","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38498","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38507","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38522","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38484","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38459","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38506","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257720","reference_id":"2257720","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257720"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:51:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/563339?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-20932"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6gm-thtx-bqb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31971?format=json","vulnerability_id":"VCID-fau4-ajny-nfbd","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20921","reference_id":"","reference_type":"","scores":[{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38159","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.3855","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38391","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38366","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38275","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40592","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40563","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40574","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40556","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40536","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40584","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40554","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40564","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40513","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257859","reference_id":"2257859","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257859"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/563339?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-20921"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fau4-ajny-nfbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31974?format=json","vulnerability_id":"VCID-fwk5-wqvn-4qaz","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20926","reference_id":"","reference_type":"","scores":[{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41007","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41339","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.4123","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41224","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41144","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43714","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43703","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43665","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.4369","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43625","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43676","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.4368","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.437","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43668","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43651","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257850","reference_id":"2257850","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257850"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/563339?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-20926"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwk5-wqvn-4qaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/241791?format=json","vulnerability_id":"VCID-gfzy-mhnp-dqdg","summary":"Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler).  Supported versions that are affected are Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and  22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20955","reference_id":"","reference_type":"","scores":[{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66333","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66318","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66342","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66356","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66248","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66275","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66245","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66292","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66306","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66326","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66313","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66281","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66316","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66332","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20955"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/563339?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-20955"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gfzy-mhnp-dqdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31976?format=json","vulnerability_id":"VCID-jztz-7cuw-t7ep","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20945","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11022","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1098","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10934","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10867","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12331","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12211","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1226","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12267","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12229","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12193","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1208","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12082","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12285","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1213","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257874","reference_id":"2257874","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257874"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/563339?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-20945"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jztz-7cuw-t7ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31970?format=json","vulnerability_id":"VCID-nr6u-aysf-7kgk","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20919","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.35905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36365","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36141","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36112","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36025","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38309","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38228","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38237","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38255","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.3822","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38242","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38222","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38286","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38178","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257853","reference_id":"2257853","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257853"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/563339?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-20919"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nr6u-aysf-7kgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/19800?format=json","vulnerability_id":"VCID-tp9p-km7u-wbd5","summary":"Java: DoS Vulnerability in JSON-JAVA\nA denial of service vulnerability in JSON-Java was discovered by [ClusterFuzz](https://google.github.io/clusterfuzz/).  A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. There are two issues: (1) the parser bug can be used to circumvent a check that is supposed to prevent the key in a JSON object from itself being another JSON object; (2) if a key does end up being a JSON object then it gets converted into a string, using `\\` to escape special characters, including `\\` itself. So by nesting JSON objects, with a key that is a JSON object that has a key that is a JSON object, and so on, we can get an exponential number of `\\` characters in the escaped string.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5072.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5072.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5072","reference_id":"","reference_type":"","scores":[{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.73031","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.73034","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.73024","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72983","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.7299","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.7298","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.7294","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72946","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72963","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72925","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72887","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72912","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.72892","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00823","scoring_system":"epss","scoring_elements":"0.74507","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072"},{"reference_url":"https://github.com/stleary/JSON-java","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/stleary/JSON-java"},{"reference_url":"https://github.com/stleary/JSON-java/commit/60662e2f8384d3449822a3a1179bfe8de67b55bb","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/stleary/JSON-java/commit/60662e2f8384d3449822a3a1179bfe8de67b55bb"},{"reference_url":"https://github.com/stleary/JSON-java/issues/758","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/"}],"url":"https://github.com/stleary/JSON-java/issues/758"},{"reference_url":"https://github.com/stleary/JSON-java/issues/771","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/"}],"url":"https://github.com/stleary/JSON-java/issues/771"},{"reference_url":"https://github.com/stleary/JSON-java/pull/759","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/stleary/JSON-java/pull/759"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053882","reference_id":"1053882","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053882"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053883","reference_id":"1053883","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053883"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053884","reference_id":"1053884","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053884"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2246417","reference_id":"2246417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2246417"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5072","reference_id":"CVE-2023-5072","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5072"},{"reference_url":"https://github.com/advisories/GHSA-4jq9-2xhw-jpx7","reference_id":"GHSA-4jq9-2xhw-jpx7","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4jq9-2xhw-jpx7"},{"reference_url":"https://github.com/google/security-research/security/advisories/GHSA-4jq9-2xhw-jpx7","reference_id":"GHSA-4jq9-2xhw-jpx7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/google/security-research/security/advisories/GHSA-4jq9-2xhw-jpx7"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0007/","reference_id":"ntap-20240621-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:23:55Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240621-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7617","reference_id":"RHSA-2023:7617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7678","reference_id":"RHSA-2023:7678","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7678"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7842","reference_id":"RHSA-2023:7842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7845","reference_id":"RHSA-2023:7845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0148","reference_id":"RHSA-2024:0148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4271","reference_id":"RHSA-2024:4271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4271"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/563339?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2023-5072","GHSA-4jq9-2xhw-jpx7"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tp9p-km7u-wbd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31969?format=json","vulnerability_id":"VCID-wn4r-ugaa-5ydb","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20918","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44288","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46929","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46936","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46944","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46999","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46995","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4689","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46923","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4694","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46888","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46942","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46939","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46963","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257728","reference_id":"2257728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257728"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/563339?format=json","purl":"pkg:apk/alpine/openjdk17@17.0.10_p7-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2024-20918"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wn4r-ugaa-5ydb"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openjdk17@17.0.10_p7-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}