{"url":"http://public2.vulnerablecode.io/api/packages/705163?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1","type":"deb","namespace":"debian","name":"openjdk-17","version":"17.0.12+7-2~deb11u1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"17.0.19+10-1~deb12u2","latest_non_vulnerable_version":"17.0.19+10-1~deb12u2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73416?format=json","vulnerability_id":"VCID-1f13-vuzu-1qfa","summary":"openjdk: Enhance Path Factories (Oracle CPU 2025-10)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53066","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1577","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1576","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19705","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19774","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944","reference_id":"1118944","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403063","reference_id":"2403063","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403063"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2025.html","reference_id":"cpuoct2025.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T19:44:34Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18814","reference_id":"RHSA-2025:18814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18815","reference_id":"RHSA-2025:18815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18816","reference_id":"RHSA-2025:18816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18817","reference_id":"RHSA-2025:18817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18818","reference_id":"RHSA-2025:18818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18819","reference_id":"RHSA-2025:18819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18820","reference_id":"RHSA-2025:18820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18821","reference_id":"RHSA-2025:18821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18822","reference_id":"RHSA-2025:18822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18823","reference_id":"RHSA-2025:18823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18824","reference_id":"RHSA-2025:18824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18825","reference_id":"RHSA-2025:18825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18826","reference_id":"RHSA-2025:18826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21485","reference_id":"RHSA-2025:21485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22370","reference_id":"RHSA-2025:22370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22672","reference_id":"RHSA-2025:22672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22672"},{"reference_url":"https://usn.ubuntu.com/7881-1/","reference_id":"USN-7881-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7881-1/"},{"reference_url":"https://usn.ubuntu.com/7882-1/","reference_id":"USN-7882-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7882-1/"},{"reference_url":"https://usn.ubuntu.com/7883-1/","reference_id":"USN-7883-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7883-1/"},{"reference_url":"https://usn.ubuntu.com/7884-1/","reference_id":"USN-7884-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7884-1/"},{"reference_url":"https://usn.ubuntu.com/7885-1/","reference_id":"USN-7885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7885-1/"},{"reference_url":"https://usn.ubuntu.com/7900-1/","reference_id":"USN-7900-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7900-1/"},{"reference_url":"https://usn.ubuntu.com/7901-1/","reference_id":"USN-7901-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7901-1/"},{"reference_url":"https://usn.ubuntu.com/7902-1/","reference_id":"USN-7902-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7902-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2025-53066"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1f13-vuzu-1qfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88336?format=json","vulnerability_id":"VCID-1zrm-rmy9-3bcs","summary":"JDK: Array indexing integer overflow (8328544)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21210","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34373","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34437","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34453","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34417","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21210"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318524","reference_id":"2318524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318524"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2024-21210"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1zrm-rmy9-3bcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62459?format=json","vulnerability_id":"VCID-247q-sfdz-kqf4","summary":"openjdk: Improve Kerberos credentialing (Oracle CPU 2026-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22013.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22013.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22013","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20744","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20865","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20851","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20807","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22013"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460040","reference_id":"2460040","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460040"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:09:34Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22139","reference_id":"RHSA-2026:22139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22328","reference_id":"RHSA-2026:22328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"},{"reference_url":"https://usn.ubuntu.com/8327-1/","reference_id":"USN-8327-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8327-1/"},{"reference_url":"https://usn.ubuntu.com/8328-1/","reference_id":"USN-8328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8328-1/"},{"reference_url":"https://usn.ubuntu.com/8330-1/","reference_id":"USN-8330-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8330-1/"},{"reference_url":"https://usn.ubuntu.com/8331-1/","reference_id":"USN-8331-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8331-1/"},{"reference_url":"https://usn.ubuntu.com/8332-1/","reference_id":"USN-8332-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8332-1/"},{"reference_url":"https://usn.ubuntu.com/8333-1/","reference_id":"USN-8333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8333-1/"},{"reference_url":"https://usn.ubuntu.com/8334-1/","reference_id":"USN-8334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8334-1/"},{"reference_url":"https://usn.ubuntu.com/8339-1/","reference_id":"USN-8339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8339-1/"},{"reference_url":"https://usn.ubuntu.com/8341-1/","reference_id":"USN-8341-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8341-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2026-22013"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-247q-sfdz-kqf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62488?format=json","vulnerability_id":"VCID-2whp-5xup-gkd4","summary":"openjdk: Enhance certificate chain validation (Oracle CPU 2026-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22021.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22021.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22021","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20549","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20675","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.2066","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20618","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22021"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460042","reference_id":"2460042","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460042"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:58:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22139","reference_id":"RHSA-2026:22139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22328","reference_id":"RHSA-2026:22328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"},{"reference_url":"https://usn.ubuntu.com/8327-1/","reference_id":"USN-8327-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8327-1/"},{"reference_url":"https://usn.ubuntu.com/8328-1/","reference_id":"USN-8328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8328-1/"},{"reference_url":"https://usn.ubuntu.com/8330-1/","reference_id":"USN-8330-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8330-1/"},{"reference_url":"https://usn.ubuntu.com/8331-1/","reference_id":"USN-8331-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8331-1/"},{"reference_url":"https://usn.ubuntu.com/8332-1/","reference_id":"USN-8332-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8332-1/"},{"reference_url":"https://usn.ubuntu.com/8333-1/","reference_id":"USN-8333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8333-1/"},{"reference_url":"https://usn.ubuntu.com/8334-1/","reference_id":"USN-8334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8334-1/"},{"reference_url":"https://usn.ubuntu.com/8339-1/","reference_id":"USN-8339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8339-1/"},{"reference_url":"https://usn.ubuntu.com/8341-1/","reference_id":"USN-8341-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8341-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2026-22021"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2whp-5xup-gkd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88377?format=json","vulnerability_id":"VCID-36zv-cekd-tqeb","summary":"JDK: Integer conversion error leads to incorrect range check (8332644)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21235","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38068","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38127","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.3813","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38102","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21235"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318534","reference_id":"2318534","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318534"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2024-21235"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-36zv-cekd-tqeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68166?format=json","vulnerability_id":"VCID-4wmw-59fz-qbfh","summary":"openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21933","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03764","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03794","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03796","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03785","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429926","reference_id":"2429926","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429926"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:56:13Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0847","reference_id":"RHSA-2026:0847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0848","reference_id":"RHSA-2026:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0895","reference_id":"RHSA-2026:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0897","reference_id":"RHSA-2026:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0899","reference_id":"RHSA-2026:0899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0901","reference_id":"RHSA-2026:0901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0927","reference_id":"RHSA-2026:0927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0928","reference_id":"RHSA-2026:0928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0931","reference_id":"RHSA-2026:0931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0932","reference_id":"RHSA-2026:0932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0933","reference_id":"RHSA-2026:0933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4832","reference_id":"RHSA-2026:4832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4832"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2026-21933"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4wmw-59fz-qbfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62439?format=json","vulnerability_id":"VCID-54tg-29eb-bkds","summary":"openjdk: Enhance crypto algorithm support (Oracle CPU 2026-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22007.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22007.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22007","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06323","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06386","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06377","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06368","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22007"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460038","reference_id":"2460038","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460038"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:05:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22139","reference_id":"RHSA-2026:22139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22328","reference_id":"RHSA-2026:22328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"},{"reference_url":"https://usn.ubuntu.com/8327-1/","reference_id":"USN-8327-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8327-1/"},{"reference_url":"https://usn.ubuntu.com/8328-1/","reference_id":"USN-8328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8328-1/"},{"reference_url":"https://usn.ubuntu.com/8330-1/","reference_id":"USN-8330-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8330-1/"},{"reference_url":"https://usn.ubuntu.com/8331-1/","reference_id":"USN-8331-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8331-1/"},{"reference_url":"https://usn.ubuntu.com/8332-1/","reference_id":"USN-8332-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8332-1/"},{"reference_url":"https://usn.ubuntu.com/8333-1/","reference_id":"USN-8333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8333-1/"},{"reference_url":"https://usn.ubuntu.com/8334-1/","reference_id":"USN-8334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8334-1/"},{"reference_url":"https://usn.ubuntu.com/8339-1/","reference_id":"USN-8339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8339-1/"},{"reference_url":"https://usn.ubuntu.com/8341-1/","reference_id":"USN-8341-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8341-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2026-22007"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-54tg-29eb-bkds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62470?format=json","vulnerability_id":"VCID-6w8a-h9b9-cbfe","summary":"openjdk: Enhance Zip file reading (Oracle CPU 2026-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22018.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22018.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22018","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20549","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20675","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.2066","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20618","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22018"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22018","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22018"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460041","reference_id":"2460041","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460041"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:05:52Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22139","reference_id":"RHSA-2026:22139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"},{"reference_url":"https://usn.ubuntu.com/8327-1/","reference_id":"USN-8327-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8327-1/"},{"reference_url":"https://usn.ubuntu.com/8328-1/","reference_id":"USN-8328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8328-1/"},{"reference_url":"https://usn.ubuntu.com/8330-1/","reference_id":"USN-8330-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8330-1/"},{"reference_url":"https://usn.ubuntu.com/8331-1/","reference_id":"USN-8331-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8331-1/"},{"reference_url":"https://usn.ubuntu.com/8332-1/","reference_id":"USN-8332-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8332-1/"},{"reference_url":"https://usn.ubuntu.com/8333-1/","reference_id":"USN-8333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8333-1/"},{"reference_url":"https://usn.ubuntu.com/8334-1/","reference_id":"USN-8334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8334-1/"},{"reference_url":"https://usn.ubuntu.com/8339-1/","reference_id":"USN-8339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8339-1/"},{"reference_url":"https://usn.ubuntu.com/8341-1/","reference_id":"USN-8341-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8341-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2026-22018"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6w8a-h9b9-cbfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88349?format=json","vulnerability_id":"VCID-7v19-naqh-fuf4","summary":"JDK: HTTP client improper handling of maxHeaderSize (8328286)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21208","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17247","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17368","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17363","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17326","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21208"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318526","reference_id":"2318526","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318526"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2024-21208"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7v19-naqh-fuf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78321?format=json","vulnerability_id":"VCID-bc11-eev2-rkfn","summary":"openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50059","reference_id":"","reference_type":"","scores":[{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.67058","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.67082","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.67091","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00516","scoring_system":"epss","scoring_elements":"0.67075","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50059"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376785","reference_id":"2376785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376785"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-16T14:42:42Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2025-50059"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bc11-eev2-rkfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62510?format=json","vulnerability_id":"VCID-bhx8-hjgu-tfef","summary":"openjdk: Enhance TLS connection handling (Oracle CPU 2026-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34282.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34282","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20549","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20675","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.2066","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20618","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34282"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460044","reference_id":"2460044","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460044"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:33:23Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22328","reference_id":"RHSA-2026:22328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"},{"reference_url":"https://usn.ubuntu.com/8327-1/","reference_id":"USN-8327-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8327-1/"},{"reference_url":"https://usn.ubuntu.com/8328-1/","reference_id":"USN-8328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8328-1/"},{"reference_url":"https://usn.ubuntu.com/8331-1/","reference_id":"USN-8331-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8331-1/"},{"reference_url":"https://usn.ubuntu.com/8332-1/","reference_id":"USN-8332-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8332-1/"},{"reference_url":"https://usn.ubuntu.com/8333-1/","reference_id":"USN-8333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8333-1/"},{"reference_url":"https://usn.ubuntu.com/8334-1/","reference_id":"USN-8334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8334-1/"},{"reference_url":"https://usn.ubuntu.com/8339-1/","reference_id":"USN-8339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8339-1/"},{"reference_url":"https://usn.ubuntu.com/8341-1/","reference_id":"USN-8341-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8341-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2026-34282"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhx8-hjgu-tfef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78302?format=json","vulnerability_id":"VCID-bv9f-czjr-wybm","summary":"openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30754","reference_id":"","reference_type":"","scores":[{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64374","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64386","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64395","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64384","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376784","reference_id":"2376784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376784"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-16T15:31:20Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10861","reference_id":"RHSA-2025:10861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10862","reference_id":"RHSA-2025:10862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10863","reference_id":"RHSA-2025:10863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10864","reference_id":"RHSA-2025:10864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13675","reference_id":"RHSA-2025:13675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13675"},{"reference_url":"https://usn.ubuntu.com/7667-1/","reference_id":"USN-7667-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7667-1/"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2025-30754"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bv9f-czjr-wybm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85467?format=json","vulnerability_id":"VCID-h6eh-1vs3-ayf8","summary":"openjdk: Enhance array handling (Oracle CPU 2025-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21502","reference_id":"","reference_type":"","scores":[{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41939","published_at":"2026-06-08T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41992","published_at":"2026-06-05T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42003","published_at":"2026-06-06T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41974","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338992","reference_id":"2338992","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338992"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2025.html","reference_id":"cpujan2025.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T16:29:12Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0421","reference_id":"RHSA-2025:0421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0422","reference_id":"RHSA-2025:0422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0423","reference_id":"RHSA-2025:0423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0424","reference_id":"RHSA-2025:0424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0425","reference_id":"RHSA-2025:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0426","reference_id":"RHSA-2025:0426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0427","reference_id":"RHSA-2025:0427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0428","reference_id":"RHSA-2025:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0429","reference_id":"RHSA-2025:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1154","reference_id":"RHSA-2025:1154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2615","reference_id":"RHSA-2025:2615","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2615"},{"reference_url":"https://usn.ubuntu.com/7252-1/","reference_id":"USN-7252-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7252-1/"},{"reference_url":"https://usn.ubuntu.com/7253-1/","reference_id":"USN-7253-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7253-1/"},{"reference_url":"https://usn.ubuntu.com/7254-1/","reference_id":"USN-7254-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7254-1/"},{"reference_url":"https://usn.ubuntu.com/7255-1/","reference_id":"USN-7255-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7255-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2025-21502"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h6eh-1vs3-ayf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88362?format=json","vulnerability_id":"VCID-hsx4-may7-13e7","summary":"JDK: Unbounded allocation leads to out-of-memory error (8331446)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21217","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26576","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2668","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2667","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26631","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318530","reference_id":"2318530","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318530"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2024-21217"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hsx4-may7-13e7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62458?format=json","vulnerability_id":"VCID-hvtk-57pq-jqcw","summary":"openjdk: Enhance Path Factories Redux (Oracle CPU 2026-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22016.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22016.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22016","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35801","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35871","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35881","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35841","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22016","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22016"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460039","reference_id":"2460039","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460039"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:11:15Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22139","reference_id":"RHSA-2026:22139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22328","reference_id":"RHSA-2026:22328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"},{"reference_url":"https://usn.ubuntu.com/8327-1/","reference_id":"USN-8327-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8327-1/"},{"reference_url":"https://usn.ubuntu.com/8328-1/","reference_id":"USN-8328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8328-1/"},{"reference_url":"https://usn.ubuntu.com/8330-1/","reference_id":"USN-8330-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8330-1/"},{"reference_url":"https://usn.ubuntu.com/8331-1/","reference_id":"USN-8331-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8331-1/"},{"reference_url":"https://usn.ubuntu.com/8332-1/","reference_id":"USN-8332-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8332-1/"},{"reference_url":"https://usn.ubuntu.com/8333-1/","reference_id":"USN-8333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8333-1/"},{"reference_url":"https://usn.ubuntu.com/8334-1/","reference_id":"USN-8334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8334-1/"},{"reference_url":"https://usn.ubuntu.com/8339-1/","reference_id":"USN-8339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8339-1/"},{"reference_url":"https://usn.ubuntu.com/8341-1/","reference_id":"USN-8341-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8341-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2026-22016"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hvtk-57pq-jqcw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73428?format=json","vulnerability_id":"VCID-jqur-1ksx-1bdg","summary":"openjdk: Enhance certificate handling (Oracle CPU 2025-10)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53057","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20999","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21121","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21108","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21063","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53057"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944","reference_id":"1118944","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403082","reference_id":"2403082","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403082"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2025.html","reference_id":"cpuoct2025.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T14:46:38Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18814","reference_id":"RHSA-2025:18814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18815","reference_id":"RHSA-2025:18815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18816","reference_id":"RHSA-2025:18816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18817","reference_id":"RHSA-2025:18817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18818","reference_id":"RHSA-2025:18818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18819","reference_id":"RHSA-2025:18819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18820","reference_id":"RHSA-2025:18820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18821","reference_id":"RHSA-2025:18821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18822","reference_id":"RHSA-2025:18822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18823","reference_id":"RHSA-2025:18823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18824","reference_id":"RHSA-2025:18824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18825","reference_id":"RHSA-2025:18825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18826","reference_id":"RHSA-2025:18826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21485","reference_id":"RHSA-2025:21485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22370","reference_id":"RHSA-2025:22370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22672","reference_id":"RHSA-2025:22672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22672"},{"reference_url":"https://usn.ubuntu.com/7881-1/","reference_id":"USN-7881-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7881-1/"},{"reference_url":"https://usn.ubuntu.com/7882-1/","reference_id":"USN-7882-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7882-1/"},{"reference_url":"https://usn.ubuntu.com/7883-1/","reference_id":"USN-7883-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7883-1/"},{"reference_url":"https://usn.ubuntu.com/7884-1/","reference_id":"USN-7884-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7884-1/"},{"reference_url":"https://usn.ubuntu.com/7885-1/","reference_id":"USN-7885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7885-1/"},{"reference_url":"https://usn.ubuntu.com/7900-1/","reference_id":"USN-7900-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7900-1/"},{"reference_url":"https://usn.ubuntu.com/7901-1/","reference_id":"USN-7901-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7901-1/"},{"reference_url":"https://usn.ubuntu.com/7902-1/","reference_id":"USN-7902-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7902-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2025-53057"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jqur-1ksx-1bdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68164?format=json","vulnerability_id":"VCID-mqz2-frbx-6bb6","summary":"openjdk: Improve JMX connections (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21925","reference_id":"","reference_type":"","scores":[{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17323","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17442","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17437","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17402","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21925"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429924","reference_id":"2429924","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429924"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:50:27Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0847","reference_id":"RHSA-2026:0847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0848","reference_id":"RHSA-2026:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0895","reference_id":"RHSA-2026:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0897","reference_id":"RHSA-2026:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0899","reference_id":"RHSA-2026:0899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0901","reference_id":"RHSA-2026:0901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0927","reference_id":"RHSA-2026:0927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0928","reference_id":"RHSA-2026:0928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0931","reference_id":"RHSA-2026:0931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0932","reference_id":"RHSA-2026:0932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0933","reference_id":"RHSA-2026:0933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4832","reference_id":"RHSA-2026:4832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4832"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2026-21925"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqz2-frbx-6bb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83341?format=json","vulnerability_id":"VCID-q2qe-3n13-kybr","summary":"openjdk: Better TLS connection support (Oracle CPU 2025-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21587","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37563","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45538","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45518","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45493","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897","reference_id":"1103897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898","reference_id":"1103898","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899","reference_id":"1103899","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900","reference_id":"1103900","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359695","reference_id":"2359695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359695"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T03:55:41Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3844","reference_id":"RHSA-2025:3844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3845","reference_id":"RHSA-2025:3845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3846","reference_id":"RHSA-2025:3846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3847","reference_id":"RHSA-2025:3847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3848","reference_id":"RHSA-2025:3848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3849","reference_id":"RHSA-2025:3849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3850","reference_id":"RHSA-2025:3850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3852","reference_id":"RHSA-2025:3852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3853","reference_id":"RHSA-2025:3853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3854","reference_id":"RHSA-2025:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3855","reference_id":"RHSA-2025:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3856","reference_id":"RHSA-2025:3856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3857","reference_id":"RHSA-2025:3857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7508","reference_id":"RHSA-2025:7508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8063","reference_id":"RHSA-2025:8063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8431","reference_id":"RHSA-2025:8431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8431"},{"reference_url":"https://usn.ubuntu.com/7480-1/","reference_id":"USN-7480-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7480-1/"},{"reference_url":"https://usn.ubuntu.com/7481-1/","reference_id":"USN-7481-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7481-1/"},{"reference_url":"https://usn.ubuntu.com/7482-1/","reference_id":"USN-7482-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7482-1/"},{"reference_url":"https://usn.ubuntu.com/7483-1/","reference_id":"USN-7483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7483-1/"},{"reference_url":"https://usn.ubuntu.com/7484-1/","reference_id":"USN-7484-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7484-1/"},{"reference_url":"https://usn.ubuntu.com/7531-1/","reference_id":"USN-7531-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7531-1/"},{"reference_url":"https://usn.ubuntu.com/7533-1/","reference_id":"USN-7533-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7533-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2025-21587"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q2qe-3n13-kybr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78281?format=json","vulnerability_id":"VCID-qefk-tp2g-tuer","summary":"openjdk: Better Glyph drawing (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30749","reference_id":"","reference_type":"","scores":[{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.84473","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.84488","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.84492","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.84485","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376783","reference_id":"2376783","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376783"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:23:21Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10861","reference_id":"RHSA-2025:10861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10862","reference_id":"RHSA-2025:10862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10863","reference_id":"RHSA-2025:10863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10864","reference_id":"RHSA-2025:10864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13675","reference_id":"RHSA-2025:13675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7667-1/","reference_id":"USN-7667-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7667-1/"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2025-30749"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qefk-tp2g-tuer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83326?format=json","vulnerability_id":"VCID-qgje-p8f5-8qc4","summary":"openjdk: Improve compiler transformations (Oracle CPU 2025-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30691","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33378","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33432","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33447","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33412","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897","reference_id":"1103897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898","reference_id":"1103898","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899","reference_id":"1103899","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900","reference_id":"1103900","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359694","reference_id":"2359694","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359694"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:24:18Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3844","reference_id":"RHSA-2025:3844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3845","reference_id":"RHSA-2025:3845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3846","reference_id":"RHSA-2025:3846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3847","reference_id":"RHSA-2025:3847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3848","reference_id":"RHSA-2025:3848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3849","reference_id":"RHSA-2025:3849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3850","reference_id":"RHSA-2025:3850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3852","reference_id":"RHSA-2025:3852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3853","reference_id":"RHSA-2025:3853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3854","reference_id":"RHSA-2025:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3855","reference_id":"RHSA-2025:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3856","reference_id":"RHSA-2025:3856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3857","reference_id":"RHSA-2025:3857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7508","reference_id":"RHSA-2025:7508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7508"},{"reference_url":"https://usn.ubuntu.com/7480-1/","reference_id":"USN-7480-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7480-1/"},{"reference_url":"https://usn.ubuntu.com/7481-1/","reference_id":"USN-7481-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7481-1/"},{"reference_url":"https://usn.ubuntu.com/7482-1/","reference_id":"USN-7482-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7482-1/"},{"reference_url":"https://usn.ubuntu.com/7483-1/","reference_id":"USN-7483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7483-1/"},{"reference_url":"https://usn.ubuntu.com/7484-1/","reference_id":"USN-7484-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7484-1/"},{"reference_url":"https://usn.ubuntu.com/7531-1/","reference_id":"USN-7531-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7531-1/"},{"reference_url":"https://usn.ubuntu.com/7533-1/","reference_id":"USN-7533-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7533-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2025-30691"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgje-p8f5-8qc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62509?format=json","vulnerability_id":"VCID-rh92-u493-w7fp","summary":"openjdk: Enhance key generation (Oracle CPU 2026-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34268.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34268.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34268","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06323","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06386","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06377","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06368","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34268"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34268","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34268"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460043","reference_id":"2460043","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460043"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:55:07Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22139","reference_id":"RHSA-2026:22139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22328","reference_id":"RHSA-2026:22328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"},{"reference_url":"https://usn.ubuntu.com/8327-1/","reference_id":"USN-8327-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8327-1/"},{"reference_url":"https://usn.ubuntu.com/8328-1/","reference_id":"USN-8328-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8328-1/"},{"reference_url":"https://usn.ubuntu.com/8330-1/","reference_id":"USN-8330-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8330-1/"},{"reference_url":"https://usn.ubuntu.com/8331-1/","reference_id":"USN-8331-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8331-1/"},{"reference_url":"https://usn.ubuntu.com/8332-1/","reference_id":"USN-8332-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8332-1/"},{"reference_url":"https://usn.ubuntu.com/8333-1/","reference_id":"USN-8333-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8333-1/"},{"reference_url":"https://usn.ubuntu.com/8334-1/","reference_id":"USN-8334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8334-1/"},{"reference_url":"https://usn.ubuntu.com/8339-1/","reference_id":"USN-8339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8339-1/"},{"reference_url":"https://usn.ubuntu.com/8341-1/","reference_id":"USN-8341-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8341-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2026-34268"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rh92-u493-w7fp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83309?format=json","vulnerability_id":"VCID-tbum-sf7h-rybq","summary":"openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30698","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22811","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22921","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22905","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22862","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897","reference_id":"1103897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898","reference_id":"1103898","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899","reference_id":"1103899","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900","reference_id":"1103900","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359693","reference_id":"2359693","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359693"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:13:36Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3844","reference_id":"RHSA-2025:3844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3845","reference_id":"RHSA-2025:3845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3846","reference_id":"RHSA-2025:3846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3847","reference_id":"RHSA-2025:3847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3848","reference_id":"RHSA-2025:3848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3849","reference_id":"RHSA-2025:3849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3850","reference_id":"RHSA-2025:3850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3852","reference_id":"RHSA-2025:3852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3853","reference_id":"RHSA-2025:3853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3854","reference_id":"RHSA-2025:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3855","reference_id":"RHSA-2025:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3856","reference_id":"RHSA-2025:3856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3857","reference_id":"RHSA-2025:3857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7508","reference_id":"RHSA-2025:7508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8063","reference_id":"RHSA-2025:8063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8431","reference_id":"RHSA-2025:8431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8431"},{"reference_url":"https://usn.ubuntu.com/7480-1/","reference_id":"USN-7480-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7480-1/"},{"reference_url":"https://usn.ubuntu.com/7481-1/","reference_id":"USN-7481-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7481-1/"},{"reference_url":"https://usn.ubuntu.com/7482-1/","reference_id":"USN-7482-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7482-1/"},{"reference_url":"https://usn.ubuntu.com/7483-1/","reference_id":"USN-7483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7483-1/"},{"reference_url":"https://usn.ubuntu.com/7484-1/","reference_id":"USN-7484-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7484-1/"},{"reference_url":"https://usn.ubuntu.com/7531-1/","reference_id":"USN-7531-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7531-1/"},{"reference_url":"https://usn.ubuntu.com/7533-1/","reference_id":"USN-7533-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7533-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2025-30698"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbum-sf7h-rybq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68165?format=json","vulnerability_id":"VCID-wgy2-g8ur-13h7","summary":"openjdk: Enhance Handling of URIs (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21932","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17641","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17757","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17751","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17717","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429925","reference_id":"2429925","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429925"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:55:36Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2026-21932"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wgy2-g8ur-13h7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68167?format=json","vulnerability_id":"VCID-xvhb-1zgc-y3b6","summary":"openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21945","reference_id":"","reference_type":"","scores":[{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25326","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25446","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25432","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25384","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429927","reference_id":"2429927","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429927"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:04:39Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0847","reference_id":"RHSA-2026:0847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0848","reference_id":"RHSA-2026:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0895","reference_id":"RHSA-2026:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0897","reference_id":"RHSA-2026:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0899","reference_id":"RHSA-2026:0899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0901","reference_id":"RHSA-2026:0901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0927","reference_id":"RHSA-2026:0927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0928","reference_id":"RHSA-2026:0928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0931","reference_id":"RHSA-2026:0931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0932","reference_id":"RHSA-2026:0932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0933","reference_id":"RHSA-2026:0933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4832","reference_id":"RHSA-2026:4832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4832"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2026-21945"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xvhb-1zgc-y3b6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78338?format=json","vulnerability_id":"VCID-ytxk-m92w-zkha","summary":"openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50106","reference_id":"","reference_type":"","scores":[{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77507","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77518","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77527","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50106"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379031","reference_id":"2379031","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379031"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:22:48Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10861","reference_id":"RHSA-2025:10861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10862","reference_id":"RHSA-2025:10862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10863","reference_id":"RHSA-2025:10863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10864","reference_id":"RHSA-2025:10864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13675","reference_id":"RHSA-2025:13675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7667-1/","reference_id":"USN-7667-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7667-1/"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/705164?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2"}],"aliases":["CVE-2025-50106"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ytxk-m92w-zkha"}],"fixing_vulnerabilities":[],"risk_score":"3.9","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1"}