{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","type":"deb","namespace":"debian","name":"openjdk-11","version":"11.0.20+8-1~deb11u1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"11.0.20+8-1","latest_non_vulnerable_version":"11.0.31+11-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78480?format=json","vulnerability_id":"VCID-8wud-7t2q-xfa3","summary":"OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21968","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.2268","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.2278","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22792","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22786","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22959","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23735","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23693","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25099","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25064","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25134","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25179","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25193","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.2515","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25098","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25108","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25207","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25268","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25193","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25212","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25471","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187802","reference_id":"2187802","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933581?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-21968"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wud-7t2q-xfa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78477?format=json","vulnerability_id":"VCID-9uzg-sja9-hkcy","summary":"OpenJDK: Swing HTML parsing issue (8296832)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21939","reference_id":"","reference_type":"","scores":[{"value":"0.018","scoring_system":"epss","scoring_elements":"0.82825","published_at":"2026-04-21T12:55:00Z"},{"value":"0.018","scoring_system":"epss","scoring_elements":"0.82881","published_at":"2026-05-05T12:55:00Z"},{"value":"0.018","scoring_system":"epss","scoring_elements":"0.82861","published_at":"2026-04-29T12:55:00Z"},{"value":"0.018","scoring_system":"epss","scoring_elements":"0.82857","published_at":"2026-04-26T12:55:00Z"},{"value":"0.018","scoring_system":"epss","scoring_elements":"0.82848","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83014","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83001","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83012","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83044","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83059","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83053","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83048","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83087","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02084","scoring_system":"epss","scoring_elements":"0.84108","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02084","scoring_system":"epss","scoring_elements":"0.84141","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02084","scoring_system":"epss","scoring_elements":"0.84123","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02084","scoring_system":"epss","scoring_elements":"0.84124","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02108","scoring_system":"epss","scoring_elements":"0.84274","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187724","reference_id":"2187724","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187724"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933581?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-21939"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9uzg-sja9-hkcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31962?format=json","vulnerability_id":"VCID-a59u-h67v-yygm","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22041","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22241","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22289","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22073","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22154","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22208","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22229","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22188","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22128","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22127","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22122","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26149","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26356","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26286","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26278","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26228","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.261","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26166","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26222","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.2755","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2223207","reference_id":"2223207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2223207"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933582?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-22041"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a59u-h67v-yygm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78479?format=json","vulnerability_id":"VCID-dwh6-xw5k-mqg8","summary":"OpenJDK: missing string checks for NULL characters (8296622)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21937","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24483","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24246","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24367","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2441","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24425","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25149","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25188","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25073","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25087","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25047","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24993","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25005","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24998","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2675","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26691","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26673","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26702","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27184","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187790","reference_id":"2187790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187790"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933581?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-21937"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dwh6-xw5k-mqg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31965?format=json","vulnerability_id":"VCID-dyg2-udwy-cud7","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22045","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32215","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32194","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32287","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32276","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32212","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32349","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32431","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32699","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32547","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33758","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36067","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36066","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36104","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36098","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3608","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3603","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42172","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42145","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221645","reference_id":"2221645","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221645"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4166","reference_id":"RHSA-2023:4166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4167","reference_id":"RHSA-2023:4167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4168","reference_id":"RHSA-2023:4168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4172","reference_id":"RHSA-2023:4172","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4172"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4173","reference_id":"RHSA-2023:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4174","reference_id":"RHSA-2023:4174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4176","reference_id":"RHSA-2023:4176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4178","reference_id":"RHSA-2023:4178","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4178"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4209","reference_id":"RHSA-2023:4209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4212","reference_id":"RHSA-2023:4212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933582?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-22045"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dyg2-udwy-cud7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78475?format=json","vulnerability_id":"VCID-fhj9-p1gx-c7hp","summary":"OpenJDK: incorrect enqueue of references in garbage collector (8298191)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21954","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14614","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1458","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14458","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14641","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14644","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15161","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15357","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15249","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1527","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15232","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15167","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15081","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15089","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17162","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.1717","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17133","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17069","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17436","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187441","reference_id":"2187441","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187441"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933581?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-21954"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fhj9-p1gx-c7hp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31966?format=json","vulnerability_id":"VCID-gjgy-dfq7-zfb2","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22049","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20281","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20223","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20303","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20363","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20392","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20347","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20289","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20277","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22952","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22808","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22891","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22968","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22935","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23097","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22921","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22915","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22912","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2409","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24903","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24864","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221647","reference_id":"2221647","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221647"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4166","reference_id":"RHSA-2023:4166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4167","reference_id":"RHSA-2023:4167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4168","reference_id":"RHSA-2023:4168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4172","reference_id":"RHSA-2023:4172","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4172"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4173","reference_id":"RHSA-2023:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4174","reference_id":"RHSA-2023:4174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4176","reference_id":"RHSA-2023:4176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4178","reference_id":"RHSA-2023:4178","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4178"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4209","reference_id":"RHSA-2023:4209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4212","reference_id":"RHSA-2023:4212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4876","reference_id":"RHSA-2023:4876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4877","reference_id":"RHSA-2023:4877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4877"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933582?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-22049"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gjgy-dfq7-zfb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31960?format=json","vulnerability_id":"VCID-jw6x-cntu-nfht","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22036","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26986","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.27022","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26812","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26881","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26928","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26932","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26888","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26831","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26809","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26554","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26572","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26771","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26714","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26706","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26636","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26502","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26571","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26626","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27943","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221634","reference_id":"2221634","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221634"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933582?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-22036"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jw6x-cntu-nfht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78474?format=json","vulnerability_id":"VCID-kq78-adbv-67a7","summary":"OpenJDK: improper connection handling during TLS handshake (8294474)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21930","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35479","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35021","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35142","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35221","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35243","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36239","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36242","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36258","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36214","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36276","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36774","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36908","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36941","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36824","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36839","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38417","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38327","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38406","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38351","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46562","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187435","reference_id":"2187435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187435"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933581?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-21930"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kq78-adbv-67a7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78478?format=json","vulnerability_id":"VCID-q5gr-6u92-6ybk","summary":"OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21938","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24483","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24246","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24367","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2441","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24425","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25149","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25188","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25073","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25087","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25047","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24993","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25005","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24998","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2675","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26691","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26673","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26702","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27184","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187758","reference_id":"2187758","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187758"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933581?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-21938"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q5gr-6u92-6ybk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31957?format=json","vulnerability_id":"VCID-x4ms-sbj7-aufu","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22006","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.3248","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32459","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32555","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32546","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32482","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32622","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32705","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32964","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32818","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34037","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35221","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35235","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3522","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35255","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35251","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35226","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.353","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35272","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221626","reference_id":"2221626","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221626"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933582?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-22006"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x4ms-sbj7-aufu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78476?format=json","vulnerability_id":"VCID-xk2v-7cgk-13ex","summary":"OpenJDK: certificate validation issue in TLS session negotiation (8298310)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21967","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20967","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20705","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20802","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20834","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20837","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21556","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2175","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21691","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21702","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21664","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21607","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21605","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21613","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23285","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23265","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23248","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.2321","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23567","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187704","reference_id":"2187704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187704"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933581?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.19%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.19%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933580?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.20%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933555?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.24%2B8-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.24%252B8-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933557?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062445?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067591?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31~10ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31~10ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077465?format=json","purl":"pkg:deb/debian/openjdk-11@11.0.31%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.31%252B11-1%3Fdistro=sid"}],"aliases":["CVE-2023-21967"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xk2v-7cgk-13ex"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-11@11.0.20%252B8-1~deb11u1%3Fdistro=sid"}