{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","type":"deb","namespace":"debian","name":"openjdk-17","version":"17.0.12+7-2~deb11u1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"17.0.12+7-2~deb12u1","latest_non_vulnerable_version":"17.0.19+10-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353818?format=json","vulnerability_id":"VCID-1gha-995s-7qdg","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22016.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22016.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22016","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09688","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09722","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.2995","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30087","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22016","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22016"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460039","reference_id":"2460039","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460039"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:11:15Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-22016"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1gha-995s-7qdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353650?format=json","vulnerability_id":"VCID-57sd-8y93-qqhu","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34282.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34282","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12067","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.121","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14194","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14332","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34282"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460044","reference_id":"2460044","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460044"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:33:23Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-34282"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-57sd-8y93-qqhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353834?format=json","vulnerability_id":"VCID-6r1k-8y1c-q7fm","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 2.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22007.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22007.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22007","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01698","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01704","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05774","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05765","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22007"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460038","reference_id":"2460038","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460038"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:05:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-22007"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6r1k-8y1c-q7fm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353681?format=json","vulnerability_id":"VCID-jxgd-j4wr-tyb7","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 2.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34268.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34268.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34268","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01698","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01704","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05774","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05765","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34268"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34268","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34268"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460043","reference_id":"2460043","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460043"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:55:07Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-34268"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxgd-j4wr-tyb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353829?format=json","vulnerability_id":"VCID-sz6r-65q1-q3bh","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22021.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22021.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22021","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11627","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11666","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14194","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14332","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22021"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460042","reference_id":"2460042","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460042"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:58:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-22021"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sz6r-65q1-q3bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353832?format=json","vulnerability_id":"VCID-xte1-h9nn-4bbk","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22018.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22018.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22018","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11627","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11666","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14194","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14332","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22018"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22018","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22018"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460041","reference_id":"2460041","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460041"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:05:52Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-22018"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xte1-h9nn-4bbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353820?format=json","vulnerability_id":"VCID-zsun-4q6p-8fek","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22013.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22013.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22013","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12084","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12118","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15882","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16002","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22013"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460040","reference_id":"2460040","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460040"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:09:34Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-22013"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zsun-4q6p-8fek"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70352?format=json","vulnerability_id":"VCID-11vj-5zz4-6fe7","summary":"openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30698","reference_id":"","reference_type":"","scores":[{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69565","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69692","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69703","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69712","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69717","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69581","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.6956","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69611","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69627","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.6965","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69635","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69621","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69661","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.6967","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.69651","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897","reference_id":"1103897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898","reference_id":"1103898","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899","reference_id":"1103899","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900","reference_id":"1103900","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359693","reference_id":"2359693","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359693"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:13:36Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3844","reference_id":"RHSA-2025:3844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3845","reference_id":"RHSA-2025:3845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3846","reference_id":"RHSA-2025:3846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3847","reference_id":"RHSA-2025:3847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3848","reference_id":"RHSA-2025:3848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3849","reference_id":"RHSA-2025:3849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3850","reference_id":"RHSA-2025:3850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3852","reference_id":"RHSA-2025:3852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3853","reference_id":"RHSA-2025:3853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3854","reference_id":"RHSA-2025:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3855","reference_id":"RHSA-2025:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3856","reference_id":"RHSA-2025:3856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3857","reference_id":"RHSA-2025:3857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7508","reference_id":"RHSA-2025:7508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8063","reference_id":"RHSA-2025:8063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8431","reference_id":"RHSA-2025:8431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8431"},{"reference_url":"https://usn.ubuntu.com/7480-1/","reference_id":"USN-7480-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7480-1/"},{"reference_url":"https://usn.ubuntu.com/7481-1/","reference_id":"USN-7481-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7481-1/"},{"reference_url":"https://usn.ubuntu.com/7482-1/","reference_id":"USN-7482-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7482-1/"},{"reference_url":"https://usn.ubuntu.com/7483-1/","reference_id":"USN-7483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7483-1/"},{"reference_url":"https://usn.ubuntu.com/7484-1/","reference_id":"USN-7484-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7484-1/"},{"reference_url":"https://usn.ubuntu.com/7531-1/","reference_id":"USN-7531-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7531-1/"},{"reference_url":"https://usn.ubuntu.com/7533-1/","reference_id":"USN-7533-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7533-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933641?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933640?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933642?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.15%2B6-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2025-30698"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11vj-5zz4-6fe7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66833?format=json","vulnerability_id":"VCID-13t7-vubq-8kae","summary":"openjdk: Enhance certificate handling (Oracle CPU 2025-10)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53057.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53057","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18209","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22288","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22702","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22397","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22386","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22384","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22747","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22535","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22612","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22666","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22683","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22642","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22587","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22602","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22599","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53057"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53057"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944","reference_id":"1118944","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403082","reference_id":"2403082","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403082"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2025.html","reference_id":"cpuoct2025.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T14:46:38Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18814","reference_id":"RHSA-2025:18814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18815","reference_id":"RHSA-2025:18815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18816","reference_id":"RHSA-2025:18816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18817","reference_id":"RHSA-2025:18817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18818","reference_id":"RHSA-2025:18818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18819","reference_id":"RHSA-2025:18819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18820","reference_id":"RHSA-2025:18820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18821","reference_id":"RHSA-2025:18821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18822","reference_id":"RHSA-2025:18822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18823","reference_id":"RHSA-2025:18823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18824","reference_id":"RHSA-2025:18824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18825","reference_id":"RHSA-2025:18825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18826","reference_id":"RHSA-2025:18826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21485","reference_id":"RHSA-2025:21485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22370","reference_id":"RHSA-2025:22370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22672","reference_id":"RHSA-2025:22672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22672"},{"reference_url":"https://usn.ubuntu.com/7881-1/","reference_id":"USN-7881-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7881-1/"},{"reference_url":"https://usn.ubuntu.com/7882-1/","reference_id":"USN-7882-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7882-1/"},{"reference_url":"https://usn.ubuntu.com/7883-1/","reference_id":"USN-7883-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7883-1/"},{"reference_url":"https://usn.ubuntu.com/7884-1/","reference_id":"USN-7884-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7884-1/"},{"reference_url":"https://usn.ubuntu.com/7885-1/","reference_id":"USN-7885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7885-1/"},{"reference_url":"https://usn.ubuntu.com/7900-1/","reference_id":"USN-7900-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7900-1/"},{"reference_url":"https://usn.ubuntu.com/7901-1/","reference_id":"USN-7901-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7901-1/"},{"reference_url":"https://usn.ubuntu.com/7902-1/","reference_id":"USN-7902-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7902-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933646?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933647?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2025-53057"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-13t7-vubq-8kae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31964?format=json","vulnerability_id":"VCID-1buj-5nv9-bbcd","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22044.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22044.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22044","reference_id":"","reference_type":"","scores":[{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30766","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.31292","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.3112","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30999","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30916","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34329","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34387","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34316","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34415","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34282","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34325","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34355","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34357","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34317","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.34294","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22044"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22044","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22044"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221642","reference_id":"2221642","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221642"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2023.html","reference_id":"cpujul2023.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2023.html"},{"reference_url":"https://www.debian.org/security/2023/dsa-5458","reference_id":"dsa-5458","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/"}],"url":"https://www.debian.org/security/2023/dsa-5458"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230725-0006/","reference_id":"ntap-20230725-0006","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230725-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933621?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933622?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-22044"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1buj-5nv9-bbcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79485?format=json","vulnerability_id":"VCID-1d6t-ndfc-m7hg","summary":"OpenJDK: Missing check for negative ObjectIdentifier (Libraries, 8275151)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21443.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21443.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21443","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17767","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18274","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18326","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18029","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18111","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18168","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18174","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18126","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18078","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.1802","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18033","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18067","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17976","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17952","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17914","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075793","reference_id":"2075793","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075793"},{"reference_url":"https://security.archlinux.org/AVG-2686","reference_id":"AVG-2686","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2686"},{"reference_url":"https://security.archlinux.org/AVG-2687","reference_id":"AVG-2687","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2687"},{"reference_url":"https://security.archlinux.org/AVG-2688","reference_id":"AVG-2688","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2688"},{"reference_url":"https://security.archlinux.org/AVG-2689","reference_id":"AVG-2689","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2689"},{"reference_url":"https://www.debian.org/security/2022/dsa-5128","reference_id":"dsa-5128","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/"}],"url":"https://www.debian.org/security/2022/dsa-5128"},{"reference_url":"https://www.debian.org/security/2022/dsa-5131","reference_id":"dsa-5131","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/"}],"url":"https://www.debian.org/security/2022/dsa-5131"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220429-0006/","reference_id":"ntap-20220429-0006","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:31:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220429-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1435","reference_id":"RHSA-2022:1435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1436","reference_id":"RHSA-2022:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1437","reference_id":"RHSA-2022:1437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1438","reference_id":"RHSA-2022:1438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1439","reference_id":"RHSA-2022:1439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1440","reference_id":"RHSA-2022:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1441","reference_id":"RHSA-2022:1441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1441"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1442","reference_id":"RHSA-2022:1442","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1443","reference_id":"RHSA-2022:1443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1444","reference_id":"RHSA-2022:1444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1445","reference_id":"RHSA-2022:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1487","reference_id":"RHSA-2022:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1488","reference_id":"RHSA-2022:1488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1489","reference_id":"RHSA-2022:1489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1490","reference_id":"RHSA-2022:1490","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1491","reference_id":"RHSA-2022:1491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1492","reference_id":"RHSA-2022:1492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1728","reference_id":"RHSA-2022:1728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1729","reference_id":"RHSA-2022:1729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2137","reference_id":"RHSA-2022:2137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4957","reference_id":"RHSA-2022:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4959","reference_id":"RHSA-2022:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5837","reference_id":"RHSA-2022:5837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5837"},{"reference_url":"https://usn.ubuntu.com/5388-1/","reference_id":"USN-5388-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5388-1/"},{"reference_url":"https://usn.ubuntu.com/5388-2/","reference_id":"USN-5388-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5388-2/"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"},{"reference_url":"https://usn.ubuntu.com/5546-2/","reference_id":"USN-5546-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933612?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933611?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21443"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1d6t-ndfc-m7hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353818?format=json","vulnerability_id":"VCID-1gha-995s-7qdg","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22016.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22016.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22016","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09688","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09722","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.2995","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30087","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22016","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22016"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460039","reference_id":"2460039","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460039"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:11:15Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-22016"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1gha-995s-7qdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76844?format=json","vulnerability_id":"VCID-2tju-1r8k-sbf9","summary":"OpenJDK: C2 compilation fails with \"Exceeded _node_regs array\" (8317507)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21094.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21094.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21094","reference_id":"","reference_type":"","scores":[{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61735","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61756","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61798","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61803","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61786","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61781","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61799","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61792","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.617","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.6173","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61701","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.6175","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61766","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61787","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00417","scoring_system":"epss","scoring_elements":"0.61775","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678","reference_id":"1069678","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275005","reference_id":"2275005","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275005"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T13:58:54Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1815","reference_id":"RHSA-2024:1815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1816","reference_id":"RHSA-2024:1816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1817","reference_id":"RHSA-2024:1817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1818","reference_id":"RHSA-2024:1818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1819","reference_id":"RHSA-2024:1819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1820","reference_id":"RHSA-2024:1820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1821","reference_id":"RHSA-2024:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1822","reference_id":"RHSA-2024:1822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1823","reference_id":"RHSA-2024:1823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1824","reference_id":"RHSA-2024:1824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1825","reference_id":"RHSA-2024:1825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1826","reference_id":"RHSA-2024:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1828","reference_id":"RHSA-2024:1828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1828"},{"reference_url":"https://usn.ubuntu.com/6810-1/","reference_id":"USN-6810-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6810-1/"},{"reference_url":"https://usn.ubuntu.com/6811-1/","reference_id":"USN-6811-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6811-1/"},{"reference_url":"https://usn.ubuntu.com/6812-1/","reference_id":"USN-6812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6812-1/"},{"reference_url":"https://usn.ubuntu.com/6813-1/","reference_id":"USN-6813-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6813-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933630?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933629?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933631?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21094"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2tju-1r8k-sbf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34358?format=json","vulnerability_id":"VCID-3aae-859j-1bg9","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21293.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21293.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21293","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26644","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26688","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26473","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26541","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2659","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26596","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26551","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26494","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.265","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26472","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26434","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26373","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26366","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26311","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26179","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041417","reference_id":"2041417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041417"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0968","reference_id":"RHSA-2022:0968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0969","reference_id":"RHSA-2022:0969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0970","reference_id":"RHSA-2022:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0970"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21293"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3aae-859j-1bg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34372?format=json","vulnerability_id":"VCID-3hj5-z3ck-tkha","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21365.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21365.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21365","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29709","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29607","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29669","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29706","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29664","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29741","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29145","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29293","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29356","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29469","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29563","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29608","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29633","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29788","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041785","reference_id":"2041785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041785"},{"reference_url":"https://www.debian.org/security/2022/dsa-5057","reference_id":"dsa-5057","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/"}],"url":"https://www.debian.org/security/2022/dsa-5057"},{"reference_url":"https://www.debian.org/security/2022/dsa-5058","reference_id":"dsa-5058","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/"}],"url":"https://www.debian.org/security/2022/dsa-5058"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/"}],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220121-0007/","reference_id":"ntap-20220121-0007","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-30T20:59:23Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220121-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0968","reference_id":"RHSA-2022:0968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0969","reference_id":"RHSA-2022:0969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0970","reference_id":"RHSA-2022:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0970"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21365"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3hj5-z3ck-tkha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34432?format=json","vulnerability_id":"VCID-3tav-ffar-hfhb","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21843.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21843","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27766","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28209","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28122","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2801","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27932","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30703","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.3075","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30561","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30619","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30653","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30658","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30613","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30566","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30591","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30573","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160475","reference_id":"2160475","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160475"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0190","reference_id":"RHSA-2023:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0191","reference_id":"RHSA-2023:0191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0191"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0192","reference_id":"RHSA-2023:0192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0193","reference_id":"RHSA-2023:0193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0194","reference_id":"RHSA-2023:0194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0195","reference_id":"RHSA-2023:0195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0196","reference_id":"RHSA-2023:0196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0197","reference_id":"RHSA-2023:0197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0198","reference_id":"RHSA-2023:0198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0199","reference_id":"RHSA-2023:0199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0200","reference_id":"RHSA-2023:0200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0201","reference_id":"RHSA-2023:0201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0202","reference_id":"RHSA-2023:0202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0203","reference_id":"RHSA-2023:0203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0204","reference_id":"RHSA-2023:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0205","reference_id":"RHSA-2023:0205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0206","reference_id":"RHSA-2023:0206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0206"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0207","reference_id":"RHSA-2023:0207","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0207"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0208","reference_id":"RHSA-2023:0208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0209","reference_id":"RHSA-2023:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0210","reference_id":"RHSA-2023:0210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0352","reference_id":"RHSA-2023:0352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0353","reference_id":"RHSA-2023:0353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0354","reference_id":"RHSA-2023:0354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0387","reference_id":"RHSA-2023:0387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0388","reference_id":"RHSA-2023:0388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0389","reference_id":"RHSA-2023:0389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3136","reference_id":"RHSA-2023:3136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3136"},{"reference_url":"https://usn.ubuntu.com/5897-1/","reference_id":"USN-5897-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5897-1/"},{"reference_url":"https://usn.ubuntu.com/5898-1/","reference_id":"USN-5898-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5898-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933616?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933617?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.6%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-21843"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3tav-ffar-hfhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60302?format=json","vulnerability_id":"VCID-44t4-tppq-ybb3","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21549.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21549.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21549","reference_id":"","reference_type":"","scores":[{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45479","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45501","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45446","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.455","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45521","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45491","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45496","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45544","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.4554","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.4549","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45406","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45416","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45354","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.4525","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108547","reference_id":"2108547","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108547"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5726","reference_id":"RHSA-2022:5726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5736","reference_id":"RHSA-2022:5736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5757","reference_id":"RHSA-2022:5757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5758","reference_id":"RHSA-2022:5758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5758"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933614?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.4%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933613?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.4%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21549"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44t4-tppq-ybb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60300?format=json","vulnerability_id":"VCID-47ae-xdqr-6qgb","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21540.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21540","reference_id":"","reference_type":"","scores":[{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6268","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62677","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62728","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62745","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62763","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62752","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62769","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62777","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62758","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62774","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6279","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62789","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62741","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108540","reference_id":"2108540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5681","reference_id":"RHSA-2022:5681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5683","reference_id":"RHSA-2022:5683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5684","reference_id":"RHSA-2022:5684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5685","reference_id":"RHSA-2022:5685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5687","reference_id":"RHSA-2022:5687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5695","reference_id":"RHSA-2022:5695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5696","reference_id":"RHSA-2022:5696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5697","reference_id":"RHSA-2022:5697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5698","reference_id":"RHSA-2022:5698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5700","reference_id":"RHSA-2022:5700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5701","reference_id":"RHSA-2022:5701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5709","reference_id":"RHSA-2022:5709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5726","reference_id":"RHSA-2022:5726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5736","reference_id":"RHSA-2022:5736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5753","reference_id":"RHSA-2022:5753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5754","reference_id":"RHSA-2022:5754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5755","reference_id":"RHSA-2022:5755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5756","reference_id":"RHSA-2022:5756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5757","reference_id":"RHSA-2022:5757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5758","reference_id":"RHSA-2022:5758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5758"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"},{"reference_url":"https://usn.ubuntu.com/5546-2/","reference_id":"USN-5546-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933614?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.4%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933613?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.4%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21540"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47ae-xdqr-6qgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64943?format=json","vulnerability_id":"VCID-4snj-etwf-eqe8","summary":"openjdk: Improve HttpServer Request handling (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21933.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21933","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09035","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.08976","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09105","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09147","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09061","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09086","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0901","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0909","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09121","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09122","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09091","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09077","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.08972","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.08951","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21933"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429926","reference_id":"2429926","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429926"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:56:13Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0847","reference_id":"RHSA-2026:0847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0848","reference_id":"RHSA-2026:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0895","reference_id":"RHSA-2026:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0897","reference_id":"RHSA-2026:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0899","reference_id":"RHSA-2026:0899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0901","reference_id":"RHSA-2026:0901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0927","reference_id":"RHSA-2026:0927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0928","reference_id":"RHSA-2026:0928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0931","reference_id":"RHSA-2026:0931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0932","reference_id":"RHSA-2026:0932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0933","reference_id":"RHSA-2026:0933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4832","reference_id":"RHSA-2026:4832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4832"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933649?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933648?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933650?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-21933"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4snj-etwf-eqe8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34370?format=json","vulnerability_id":"VCID-4thy-7844-xuc9","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21360.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21360.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21360","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29741","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29788","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29607","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29669","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29706","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29709","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29664","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29633","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29608","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29563","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29469","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29356","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29293","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29145","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041491","reference_id":"2041491","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041491"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0968","reference_id":"RHSA-2022:0968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0969","reference_id":"RHSA-2022:0969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0970","reference_id":"RHSA-2022:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0970"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21360"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4thy-7844-xuc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353650?format=json","vulnerability_id":"VCID-57sd-8y93-qqhu","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34282.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34282","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12067","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.121","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14194","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14332","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34282"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460044","reference_id":"2460044","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460044"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T15:33:23Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-34282"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-57sd-8y93-qqhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74702?format=json","vulnerability_id":"VCID-5et1-ytak-xqh7","summary":"OpenJDK: Excessive symbol length can lead to infinite loop (8319859)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21138","reference_id":"","reference_type":"","scores":[{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56051","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56205","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56175","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.561","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56122","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56098","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56144","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56165","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56195","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56201","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.5621","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56186","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.5617","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56203","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297962","reference_id":"2297962","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297962"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2024.html","reference_id":"cpujul2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:32:40Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0008/","reference_id":"ntap-20240719-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:32:40Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4560","reference_id":"RHSA-2024:4560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4561","reference_id":"RHSA-2024:4561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4562","reference_id":"RHSA-2024:4562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4563","reference_id":"RHSA-2024:4563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4564","reference_id":"RHSA-2024:4564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4565","reference_id":"RHSA-2024:4565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4566","reference_id":"RHSA-2024:4566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4567","reference_id":"RHSA-2024:4567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4568","reference_id":"RHSA-2024:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4569","reference_id":"RHSA-2024:4569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4570","reference_id":"RHSA-2024:4570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4571","reference_id":"RHSA-2024:4571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4572","reference_id":"RHSA-2024:4572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4573","reference_id":"RHSA-2024:4573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4573"},{"reference_url":"https://usn.ubuntu.com/6929-1/","reference_id":"USN-6929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6929-1/"},{"reference_url":"https://usn.ubuntu.com/6930-1/","reference_id":"USN-6930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6930-1/"},{"reference_url":"https://usn.ubuntu.com/6931-1/","reference_id":"USN-6931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6931-1/"},{"reference_url":"https://usn.ubuntu.com/6932-1/","reference_id":"USN-6932-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6932-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933633?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933632?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21138"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5et1-ytak-xqh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34360?format=json","vulnerability_id":"VCID-5xg6-kds9-g3hf","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21294.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21294.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21294","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29741","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29788","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29607","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29669","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29706","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29709","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29664","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29633","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29608","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29563","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29469","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29356","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29293","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29145","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041427","reference_id":"2041427","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041427"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0968","reference_id":"RHSA-2022:0968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0969","reference_id":"RHSA-2022:0969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0970","reference_id":"RHSA-2022:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0970"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21294"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5xg6-kds9-g3hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31982?format=json","vulnerability_id":"VCID-6196-gvhx-ruh8","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21235.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21235","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.3838","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38417","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38441","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38305","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38355","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38363","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44066","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.43858","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44139","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44063","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.43981","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44158","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44159","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.4422","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.4421","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21235"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21235"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318534","reference_id":"2318534","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318534"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933635?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933636?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933634?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-2~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-2~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21235"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6196-gvhx-ruh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/354154?format=json","vulnerability_id":"VCID-6fce-bys3-kkgm","summary":"openjdk: OpenJDK: Update LibPNG (Oracle CPU 2026-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22020.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22020.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460045","reference_id":"2460045","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460045"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933603?format=json","purl":"pkg:deb/debian/openjdk-17@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-22020"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6fce-bys3-kkgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353834?format=json","vulnerability_id":"VCID-6r1k-8y1c-q7fm","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 2.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22007.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22007.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22007","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01698","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01704","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05774","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05765","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22007"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460038","reference_id":"2460038","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460038"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:05:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-22007"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6r1k-8y1c-q7fm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34340?format=json","vulnerability_id":"VCID-6wtu-f43b-1ue9","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35559.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35559.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35559","reference_id":"","reference_type":"","scores":[{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30596","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30061","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30202","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30282","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30781","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30732","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30396","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30575","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30609","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30627","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30602","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30647","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30687","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30654","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014518","reference_id":"2014518","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014518"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/","reference_id":"6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/","reference_id":"7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/"},{"reference_url":"https://security.archlinux.org/AVG-2477","reference_id":"AVG-2477","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2477"},{"reference_url":"https://security.archlinux.org/AVG-2478","reference_id":"AVG-2478","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2478"},{"reference_url":"https://security.archlinux.org/AVG-2479","reference_id":"AVG-2479","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2479"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/","reference_id":"DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/"},{"reference_url":"https://www.debian.org/security/2021/dsa-5000","reference_id":"dsa-5000","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/"}],"url":"https://www.debian.org/security/2021/dsa-5000"},{"reference_url":"https://www.debian.org/security/2021/dsa-5012","reference_id":"dsa-5012","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/"}],"url":"https://www.debian.org/security/2021/dsa-5012"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/"}],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/","reference_id":"GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/","reference_id":"GXTUWAWXVU37GRNIG4TPMA47THO6VAE6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3884","reference_id":"RHSA-2021:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3885","reference_id":"RHSA-2021:3885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3886","reference_id":"RHSA-2021:3886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3887","reference_id":"RHSA-2021:3887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3889","reference_id":"RHSA-2021:3889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3891","reference_id":"RHSA-2021:3891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3892","reference_id":"RHSA-2021:3892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3893","reference_id":"RHSA-2021:3893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3893"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3960","reference_id":"RHSA-2021:3960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3961","reference_id":"RHSA-2021:3961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3967","reference_id":"RHSA-2021:3967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3968","reference_id":"RHSA-2021:3968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4135","reference_id":"RHSA-2021:4135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4531","reference_id":"RHSA-2021:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4532","reference_id":"RHSA-2021:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5030","reference_id":"RHSA-2021:5030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0310","reference_id":"RHSA-2022:0310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0345","reference_id":"RHSA-2022:0345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0345"},{"reference_url":"https://usn.ubuntu.com/5202-1/","reference_id":"USN-5202-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5202-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/","reference_id":"V362B2BWTH5IJDL45QPQGMBKIQOG7JX5","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-06-25T16:02:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933607?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933608?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2021-35559"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6wtu-f43b-1ue9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34348?format=json","vulnerability_id":"VCID-6zn4-b8k4-3bcn","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35586.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35586.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35586","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37711","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37313","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37427","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37517","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37917","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37846","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37796","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37892","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37539","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37776","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37839","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37812","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37837","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37874","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37859","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2015308","reference_id":"2015308","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2015308"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/","reference_id":"6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/"},{"reference_url":"https://security.archlinux.org/AVG-2477","reference_id":"AVG-2477","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2477"},{"reference_url":"https://security.archlinux.org/AVG-2478","reference_id":"AVG-2478","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2478"},{"reference_url":"https://security.archlinux.org/AVG-2479","reference_id":"AVG-2479","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2479"},{"reference_url":"https://www.debian.org/security/2021/dsa-5000","reference_id":"dsa-5000","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/"}],"url":"https://www.debian.org/security/2021/dsa-5000"},{"reference_url":"https://www.debian.org/security/2021/dsa-5012","reference_id":"dsa-5012","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/"}],"url":"https://www.debian.org/security/2021/dsa-5012"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/"}],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/","reference_id":"GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/","reference_id":"GXTUWAWXVU37GRNIG4TPMA47THO6VAE6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:02Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3884","reference_id":"RHSA-2021:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3885","reference_id":"RHSA-2021:3885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3886","reference_id":"RHSA-2021:3886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3887","reference_id":"RHSA-2021:3887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3889","reference_id":"RHSA-2021:3889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3891","reference_id":"RHSA-2021:3891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3892","reference_id":"RHSA-2021:3892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3893","reference_id":"RHSA-2021:3893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3893"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3960","reference_id":"RHSA-2021:3960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3961","reference_id":"RHSA-2021:3961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3967","reference_id":"RHSA-2021:3967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3968","reference_id":"RHSA-2021:3968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4135","reference_id":"RHSA-2021:4135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4531","reference_id":"RHSA-2021:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4532","reference_id":"RHSA-2021:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5030","reference_id":"RHSA-2021:5030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0310","reference_id":"RHSA-2022:0310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0345","reference_id":"RHSA-2022:0345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0345"},{"reference_url":"https://usn.ubuntu.com/5202-1/","reference_id":"USN-5202-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5202-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933607?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933608?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2021-35586"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6zn4-b8k4-3bcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74699?format=json","vulnerability_id":"VCID-76rb-sg3r-bqce","summary":"OpenJDK: potential UTF8 size overflow (8314794)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21131","reference_id":"","reference_type":"","scores":[{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63311","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.6333","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63309","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63328","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63341","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.6334","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63258","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63287","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63252","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63303","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63321","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63338","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63322","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00442","scoring_system":"epss","scoring_elements":"0.63286","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297961","reference_id":"2297961","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297961"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2024.html","reference_id":"cpujul2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0008/","reference_id":"ntap-20240719-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4560","reference_id":"RHSA-2024:4560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4561","reference_id":"RHSA-2024:4561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4562","reference_id":"RHSA-2024:4562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4563","reference_id":"RHSA-2024:4563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4564","reference_id":"RHSA-2024:4564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4565","reference_id":"RHSA-2024:4565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4566","reference_id":"RHSA-2024:4566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4567","reference_id":"RHSA-2024:4567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4568","reference_id":"RHSA-2024:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4569","reference_id":"RHSA-2024:4569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4570","reference_id":"RHSA-2024:4570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4571","reference_id":"RHSA-2024:4571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4572","reference_id":"RHSA-2024:4572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4573","reference_id":"RHSA-2024:4573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4573"},{"reference_url":"https://usn.ubuntu.com/6929-1/","reference_id":"USN-6929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6929-1/"},{"reference_url":"https://usn.ubuntu.com/6930-1/","reference_id":"USN-6930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6930-1/"},{"reference_url":"https://usn.ubuntu.com/6931-1/","reference_id":"USN-6931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6931-1/"},{"reference_url":"https://usn.ubuntu.com/6932-1/","reference_id":"USN-6932-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6932-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933633?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933632?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21131"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76rb-sg3r-bqce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31977?format=json","vulnerability_id":"VCID-8cup-qnc8-wudx","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20952.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20952","reference_id":"","reference_type":"","scores":[{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55352","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55466","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55503","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55506","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55485","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55409","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55429","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55402","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55441","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55465","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55444","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55495","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55505","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55483","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257837","reference_id":"2257837","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257837"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933627?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933626?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933628?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-20952"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8cup-qnc8-wudx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78480?format=json","vulnerability_id":"VCID-8wud-7t2q-xfa3","summary":"OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21968","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.2268","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22959","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22792","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22786","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.2278","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23735","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23693","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.2515","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25098","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25108","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25099","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25134","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25193","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25179","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25064","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187802","reference_id":"2187802","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933619?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933618?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933620?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-21968"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wud-7t2q-xfa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34346?format=json","vulnerability_id":"VCID-97bv-kegv-uyd9","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35567.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35567.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35567","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36559","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.37028","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36795","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36763","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36676","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44638","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44617","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44539","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44666","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44673","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44618","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44647","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.4463","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44628","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44576","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2015658","reference_id":"2015658","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2015658"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/","reference_id":"6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/"},{"reference_url":"https://security.archlinux.org/AVG-2477","reference_id":"AVG-2477","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2477"},{"reference_url":"https://security.archlinux.org/AVG-2478","reference_id":"AVG-2478","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2478"},{"reference_url":"https://security.archlinux.org/AVG-2479","reference_id":"AVG-2479","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2479"},{"reference_url":"https://www.debian.org/security/2021/dsa-5000","reference_id":"dsa-5000","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/"}],"url":"https://www.debian.org/security/2021/dsa-5000"},{"reference_url":"https://www.debian.org/security/2021/dsa-5012","reference_id":"dsa-5012","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/"}],"url":"https://www.debian.org/security/2021/dsa-5012"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/"}],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/","reference_id":"GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/","reference_id":"GXTUWAWXVU37GRNIG4TPMA47THO6VAE6","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:14:55Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3884","reference_id":"RHSA-2021:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3885","reference_id":"RHSA-2021:3885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3886","reference_id":"RHSA-2021:3886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3887","reference_id":"RHSA-2021:3887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3889","reference_id":"RHSA-2021:3889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3891","reference_id":"RHSA-2021:3891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3892","reference_id":"RHSA-2021:3892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3893","reference_id":"RHSA-2021:3893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3893"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3960","reference_id":"RHSA-2021:3960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3961","reference_id":"RHSA-2021:3961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3967","reference_id":"RHSA-2021:3967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3968","reference_id":"RHSA-2021:3968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4135","reference_id":"RHSA-2021:4135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4531","reference_id":"RHSA-2021:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4532","reference_id":"RHSA-2021:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4532"},{"reference_url":"https://usn.ubuntu.com/5202-1/","reference_id":"USN-5202-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5202-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933607?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933608?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2021-35567"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-97bv-kegv-uyd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34368?format=json","vulnerability_id":"VCID-98bc-5jrc-5kas","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21341.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21341.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21341","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29741","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29788","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29607","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29669","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29706","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29709","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29664","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29633","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29608","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29563","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29469","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29356","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29293","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29145","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041897","reference_id":"2041897","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041897"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0968","reference_id":"RHSA-2022:0968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0969","reference_id":"RHSA-2022:0969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0970","reference_id":"RHSA-2022:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0970"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21341"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-98bc-5jrc-5kas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31980?format=json","vulnerability_id":"VCID-9n5v-4daz-eyc2","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21217.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21217","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26296","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26493","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26487","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26428","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26767","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26807","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26591","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26658","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26708","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26713","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26668","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26611","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26618","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26589","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26551","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21217"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21217"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318530","reference_id":"2318530","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318530"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933635?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933636?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933634?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-2~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-2~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21217"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9n5v-4daz-eyc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76841?format=json","vulnerability_id":"VCID-9urr-3gt2-mfhe","summary":"OpenJDK: long Exception message leading to crash (8319851)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21011.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21011.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21011","reference_id":"","reference_type":"","scores":[{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56596","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56721","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.567","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56731","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56729","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56702","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56641","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56658","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.5668","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56701","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56732","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56736","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56745","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678","reference_id":"1069678","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274977","reference_id":"2274977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274977"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:16:14Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1815","reference_id":"RHSA-2024:1815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1816","reference_id":"RHSA-2024:1816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1817","reference_id":"RHSA-2024:1817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1818","reference_id":"RHSA-2024:1818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1819","reference_id":"RHSA-2024:1819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1820","reference_id":"RHSA-2024:1820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1821","reference_id":"RHSA-2024:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1822","reference_id":"RHSA-2024:1822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1823","reference_id":"RHSA-2024:1823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1824","reference_id":"RHSA-2024:1824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1825","reference_id":"RHSA-2024:1825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1826","reference_id":"RHSA-2024:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1827","reference_id":"RHSA-2024:1827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1828","reference_id":"RHSA-2024:1828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1828"},{"reference_url":"https://usn.ubuntu.com/6810-1/","reference_id":"USN-6810-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6810-1/"},{"reference_url":"https://usn.ubuntu.com/6811-1/","reference_id":"USN-6811-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6811-1/"},{"reference_url":"https://usn.ubuntu.com/6812-1/","reference_id":"USN-6812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6812-1/"},{"reference_url":"https://usn.ubuntu.com/6813-1/","reference_id":"USN-6813-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6813-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933630?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933629?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933631?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21011"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9urr-3gt2-mfhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78477?format=json","vulnerability_id":"VCID-9uzg-sja9-hkcy","summary":"OpenJDK: Swing HTML parsing issue (8296832)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21939","reference_id":"","reference_type":"","scores":[{"value":"0.018","scoring_system":"epss","scoring_elements":"0.82881","published_at":"2026-05-05T12:55:00Z"},{"value":"0.018","scoring_system":"epss","scoring_elements":"0.82825","published_at":"2026-04-21T12:55:00Z"},{"value":"0.018","scoring_system":"epss","scoring_elements":"0.82848","published_at":"2026-04-24T12:55:00Z"},{"value":"0.018","scoring_system":"epss","scoring_elements":"0.82857","published_at":"2026-04-26T12:55:00Z"},{"value":"0.018","scoring_system":"epss","scoring_elements":"0.82861","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83053","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83087","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83048","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83014","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83012","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83044","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83059","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83001","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187724","reference_id":"2187724","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187724"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933619?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933618?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933620?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-21939"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9uzg-sja9-hkcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31968?format=json","vulnerability_id":"VCID-a282-ksr4-j3cu","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22081","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26849","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26634","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26702","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26753","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26756","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26712","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26655","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26664","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26636","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26599","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2654","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26533","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2646","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26327","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243627","reference_id":"2243627","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243627"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5725","reference_id":"RHSA-2023:5725","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5725"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5726","reference_id":"RHSA-2023:5726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5727","reference_id":"RHSA-2023:5727","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5728","reference_id":"RHSA-2023:5728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5729","reference_id":"RHSA-2023:5729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5730","reference_id":"RHSA-2023:5730","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5731","reference_id":"RHSA-2023:5731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5732","reference_id":"RHSA-2023:5732","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5732"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5733","reference_id":"RHSA-2023:5733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5734","reference_id":"RHSA-2023:5734","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5734"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5735","reference_id":"RHSA-2023:5735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5736","reference_id":"RHSA-2023:5736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5737","reference_id":"RHSA-2023:5737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5739","reference_id":"RHSA-2023:5739","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5740","reference_id":"RHSA-2023:5740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5741","reference_id":"RHSA-2023:5741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5742","reference_id":"RHSA-2023:5742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5743","reference_id":"RHSA-2023:5743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5744","reference_id":"RHSA-2023:5744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5744"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5745","reference_id":"RHSA-2023:5745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5746","reference_id":"RHSA-2023:5746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5747","reference_id":"RHSA-2023:5747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5750","reference_id":"RHSA-2023:5750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5751","reference_id":"RHSA-2023:5751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5752","reference_id":"RHSA-2023:5752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5753","reference_id":"RHSA-2023:5753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5761","reference_id":"RHSA-2023:5761","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5761"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6738","reference_id":"RHSA-2023:6738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6887","reference_id":"RHSA-2023:6887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0866","reference_id":"RHSA-2024:0866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0879","reference_id":"RHSA-2024:0879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0879"},{"reference_url":"https://usn.ubuntu.com/6527-1/","reference_id":"USN-6527-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6527-1/"},{"reference_url":"https://usn.ubuntu.com/6528-1/","reference_id":"USN-6528-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6528-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933624?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.9%2B9-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933623?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.9%2B9-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933625?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.9%2B9-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-22081"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a282-ksr4-j3cu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34431?format=json","vulnerability_id":"VCID-a3xk-3wya-s3gm","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21835","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15153","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15304","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15345","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15341","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15286","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23112","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23185","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23147","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23089","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23104","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23096","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23165","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23206","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.2325","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23039","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160421","reference_id":"2160421","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160421"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0190","reference_id":"RHSA-2023:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0191","reference_id":"RHSA-2023:0191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0191"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0192","reference_id":"RHSA-2023:0192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0193","reference_id":"RHSA-2023:0193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0194","reference_id":"RHSA-2023:0194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0194"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0195","reference_id":"RHSA-2023:0195","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0195"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0196","reference_id":"RHSA-2023:0196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0197","reference_id":"RHSA-2023:0197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0198","reference_id":"RHSA-2023:0198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0199","reference_id":"RHSA-2023:0199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0200","reference_id":"RHSA-2023:0200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0201","reference_id":"RHSA-2023:0201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0202","reference_id":"RHSA-2023:0202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0352","reference_id":"RHSA-2023:0352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0353","reference_id":"RHSA-2023:0353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0388","reference_id":"RHSA-2023:0388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0389","reference_id":"RHSA-2023:0389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0389"},{"reference_url":"https://usn.ubuntu.com/5897-1/","reference_id":"USN-5897-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5897-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933616?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933617?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.6%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-21835"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a3xk-3wya-s3gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31962?format=json","vulnerability_id":"VCID-a59u-h67v-yygm","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22041.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22041","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22241","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22289","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22073","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22154","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22208","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22229","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22188","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22128","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22127","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22122","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.261","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26356","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26286","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26278","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26228","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2223207","reference_id":"2223207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2223207"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933621?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933622?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-22041"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a59u-h67v-yygm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79488?format=json","vulnerability_id":"VCID-a95g-84vs-xbav","summary":"OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21476.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21476.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21476","reference_id":"","reference_type":"","scores":[{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39711","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40224","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40186","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40168","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40218","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.40188","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.4011","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39935","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39921","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39841","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40815","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40767","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40817","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40824","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0019","scoring_system":"epss","scoring_elements":"0.40842","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010597","reference_id":"1010597","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010597"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075842","reference_id":"2075842","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075842"},{"reference_url":"https://security.archlinux.org/AVG-2687","reference_id":"AVG-2687","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2687"},{"reference_url":"https://security.archlinux.org/AVG-2688","reference_id":"AVG-2688","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2688"},{"reference_url":"https://security.archlinux.org/AVG-2689","reference_id":"AVG-2689","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1435","reference_id":"RHSA-2022:1435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1436","reference_id":"RHSA-2022:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1437","reference_id":"RHSA-2022:1437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1438","reference_id":"RHSA-2022:1438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1439","reference_id":"RHSA-2022:1439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1440","reference_id":"RHSA-2022:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1441","reference_id":"RHSA-2022:1441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1441"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1442","reference_id":"RHSA-2022:1442","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1443","reference_id":"RHSA-2022:1443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1444","reference_id":"RHSA-2022:1444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1445","reference_id":"RHSA-2022:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1487","reference_id":"RHSA-2022:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1488","reference_id":"RHSA-2022:1488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1489","reference_id":"RHSA-2022:1489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1490","reference_id":"RHSA-2022:1490","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1491","reference_id":"RHSA-2022:1491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1492","reference_id":"RHSA-2022:1492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1728","reference_id":"RHSA-2022:1728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1729","reference_id":"RHSA-2022:1729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2137","reference_id":"RHSA-2022:2137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2137"},{"reference_url":"https://usn.ubuntu.com/5388-1/","reference_id":"USN-5388-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5388-1/"},{"reference_url":"https://usn.ubuntu.com/5388-2/","reference_id":"USN-5388-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5388-2/"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"},{"reference_url":"https://usn.ubuntu.com/5546-2/","reference_id":"USN-5546-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933612?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933611?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21476"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a95g-84vs-xbav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64944?format=json","vulnerability_id":"VCID-apsn-z1br-3bdy","summary":"openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21945","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16874","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16435","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16615","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16604","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16569","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1693","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16714","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16799","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16854","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16832","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16786","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16728","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16664","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16672","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16709","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21945"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429927","reference_id":"2429927","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429927"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:04:39Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0847","reference_id":"RHSA-2026:0847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0848","reference_id":"RHSA-2026:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0895","reference_id":"RHSA-2026:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0897","reference_id":"RHSA-2026:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0899","reference_id":"RHSA-2026:0899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0901","reference_id":"RHSA-2026:0901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0927","reference_id":"RHSA-2026:0927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0928","reference_id":"RHSA-2026:0928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0931","reference_id":"RHSA-2026:0931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0932","reference_id":"RHSA-2026:0932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0933","reference_id":"RHSA-2026:0933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4832","reference_id":"RHSA-2026:4832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4832"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933649?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933648?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933650?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-21945"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apsn-z1br-3bdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68623?format=json","vulnerability_id":"VCID-b32x-4pu4-jkh4","summary":"openjdk: Better Glyph drawing (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30749","reference_id":"","reference_type":"","scores":[{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.6625","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66294","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66307","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66277","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66247","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66893","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71388","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71407","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71439","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71446","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71451","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71372","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71355","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00672","scoring_system":"epss","scoring_elements":"0.71401","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00728","scoring_system":"epss","scoring_elements":"0.72696","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30749"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376783","reference_id":"2376783","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376783"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:23:21Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10861","reference_id":"RHSA-2025:10861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10862","reference_id":"RHSA-2025:10862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10863","reference_id":"RHSA-2025:10863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10864","reference_id":"RHSA-2025:10864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13675","reference_id":"RHSA-2025:13675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7667-1/","reference_id":"USN-7667-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7667-1/"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933644?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933643?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933645?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2025-30749"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b32x-4pu4-jkh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34330?format=json","vulnerability_id":"VCID-bqav-d2f9-x7d1","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2161.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2161.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2161","reference_id":"","reference_type":"","scores":[{"value":"0.01132","scoring_system":"epss","scoring_elements":"0.78431","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80531","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80514","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80404","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.8051","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80484","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80481","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.8048","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80452","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80458","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80473","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80454","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80444","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80425","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80414","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01404","scoring_system":"epss","scoring_elements":"0.80398","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2161"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1951231","reference_id":"1951231","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1951231"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/","reference_id":"5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/"},{"reference_url":"https://docs.azul.com/core/zulu-openjdk/release-notes/april-2021.html#fixed-common-vulnerabilities-and-exposures","reference_id":"april-2021.html#fixed-common-vulnerabilities-and-exposures","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/"}],"url":"https://docs.azul.com/core/zulu-openjdk/release-notes/april-2021.html#fixed-common-vulnerabilities-and-exposures"},{"reference_url":"https://security.archlinux.org/AVG-1865","reference_id":"AVG-1865","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1865"},{"reference_url":"https://security.archlinux.org/AVG-1866","reference_id":"AVG-1866","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1866"},{"reference_url":"https://security.archlinux.org/AVG-1867","reference_id":"AVG-1867","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1867"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/","reference_id":"CFXOKM2233JVGYDOWW77BN54X3GZTIBK","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/","reference_id":"CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4899","reference_id":"dsa-4899","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/"}],"url":"https://www.debian.org/security/2021/dsa-4899"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/"}],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/","reference_id":"MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/","reference_id":"MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210513-0001/","reference_id":"ntap-20210513-0001","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210513-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1445","reference_id":"RHSA-2021:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1447","reference_id":"RHSA-2021:1447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1447"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/","reference_id":"UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933603?format=json","purl":"pkg:deb/debian/openjdk-17@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2021-2161"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bqav-d2f9-x7d1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31975?format=json","vulnerability_id":"VCID-d6gm-thtx-bqb7","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20932.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20932","reference_id":"","reference_type":"","scores":[{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32153","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32291","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.3842","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38237","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38262","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.3856","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38584","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38447","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38498","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38507","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38522","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38484","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38459","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38506","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257720","reference_id":"2257720","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257720"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T15:51:25Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933627?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933626?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933628?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-20932"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6gm-thtx-bqb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64942?format=json","vulnerability_id":"VCID-duy9-6f1p-vqah","summary":"openjdk: Enhance Handling of URIs (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21932.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21932","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09259","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09235","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09406","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09361","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09323","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09227","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09302","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09346","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09356","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09328","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09314","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09205","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09204","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09355","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21932"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429925","reference_id":"2429925","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429925"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:55:36Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933649?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933648?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933650?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-21932"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-duy9-6f1p-vqah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78479?format=json","vulnerability_id":"VCID-dwh6-xw5k-mqg8","summary":"OpenJDK: missing string checks for NULL characters (8296622)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21937","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24246","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24483","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24425","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2441","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24367","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25149","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25073","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25188","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24998","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25005","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24993","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25047","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25087","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187790","reference_id":"2187790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187790"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933619?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933618?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933620?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-21937"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dwh6-xw5k-mqg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31965?format=json","vulnerability_id":"VCID-dyg2-udwy-cud7","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22045.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22045","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32212","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32699","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32547","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32431","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32349","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36098","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36104","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36066","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.36067","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3603","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.3608","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42172","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42145","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221645","reference_id":"2221645","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221645"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4166","reference_id":"RHSA-2023:4166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4167","reference_id":"RHSA-2023:4167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4168","reference_id":"RHSA-2023:4168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4172","reference_id":"RHSA-2023:4172","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4172"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4173","reference_id":"RHSA-2023:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4174","reference_id":"RHSA-2023:4174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4176","reference_id":"RHSA-2023:4176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4178","reference_id":"RHSA-2023:4178","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4178"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4209","reference_id":"RHSA-2023:4209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4212","reference_id":"RHSA-2023:4212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933621?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933622?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-22045"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dyg2-udwy-cud7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68625?format=json","vulnerability_id":"VCID-e6dm-6767-9kdk","summary":"openjdk: Improve HTTP client header handling (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50059.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50059","reference_id":"","reference_type":"","scores":[{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32136","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32274","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32212","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32185","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32311","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32669","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32589","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32433","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32317","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32233","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32631","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32603","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32641","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32619","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.33821","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50059"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50059"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376785","reference_id":"2376785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376785"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-07-16T14:42:42Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933644?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933643?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933645?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2025-50059"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6dm-6767-9kdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31971?format=json","vulnerability_id":"VCID-fau4-ajny-nfbd","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20921.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20921","reference_id":"","reference_type":"","scores":[{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38159","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.3855","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38391","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38366","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38275","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40592","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40563","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40574","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40556","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40536","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40584","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40554","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40564","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40513","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257859","reference_id":"2257859","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257859"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933627?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933626?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933628?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-20921"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fau4-ajny-nfbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78475?format=json","vulnerability_id":"VCID-fhj9-p1gx-c7hp","summary":"OpenJDK: incorrect enqueue of references in garbage collector (8298191)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21954.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21954","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14458","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14614","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14644","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14641","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1458","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15081","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15089","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15357","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15161","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15249","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1527","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15232","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15167","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15288","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187441","reference_id":"2187441","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187441"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933619?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933618?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933620?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-21954"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fhj9-p1gx-c7hp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31974?format=json","vulnerability_id":"VCID-fwk5-wqvn-4qaz","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20926.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20926","reference_id":"","reference_type":"","scores":[{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41007","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41339","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.4123","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41224","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41144","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43714","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43703","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43665","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.4369","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43625","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43676","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.4368","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.437","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43668","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43651","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257850","reference_id":"2257850","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257850"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T16:03:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933627?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933626?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933628?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-20926"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwk5-wqvn-4qaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34425?format=json","vulnerability_id":"VCID-fwv1-sj5y-xygd","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21619.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21619.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21619","reference_id":"","reference_type":"","scores":[{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49517","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49544","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49551","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49546","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49563","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49535","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49537","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49583","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.4958","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50529","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50694","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50641","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50649","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50605","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133745","reference_id":"2133745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133745"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6999","reference_id":"RHSA-2022:6999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7000","reference_id":"RHSA-2022:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7001","reference_id":"RHSA-2022:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7002","reference_id":"RHSA-2022:7002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7003","reference_id":"RHSA-2022:7003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7004","reference_id":"RHSA-2022:7004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7005","reference_id":"RHSA-2022:7005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7006","reference_id":"RHSA-2022:7006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7007","reference_id":"RHSA-2022:7007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7008","reference_id":"RHSA-2022:7008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7009","reference_id":"RHSA-2022:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7010","reference_id":"RHSA-2022:7010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7011","reference_id":"RHSA-2022:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7012","reference_id":"RHSA-2022:7012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7013","reference_id":"RHSA-2022:7013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7049","reference_id":"RHSA-2022:7049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7050","reference_id":"RHSA-2022:7050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7051","reference_id":"RHSA-2022:7051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7052","reference_id":"RHSA-2022:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7053","reference_id":"RHSA-2022:7053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7054","reference_id":"RHSA-2022:7054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8880","reference_id":"RHSA-2022:8880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0128","reference_id":"RHSA-2023:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0128"},{"reference_url":"https://usn.ubuntu.com/5719-1/","reference_id":"USN-5719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5719-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933615?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.5%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.5%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933616?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21619"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwv1-sj5y-xygd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34356?format=json","vulnerability_id":"VCID-g2fj-4mgh-23fs","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21283.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21283.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21283","reference_id":"","reference_type":"","scores":[{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30847","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30894","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32867","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32868","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32803","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32846","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32823","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32787","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32637","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32522","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32439","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32302","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.3279","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32838","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041400","reference_id":"2041400","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041400"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21283"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g2fj-4mgh-23fs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31966?format=json","vulnerability_id":"VCID-gjgy-dfq7-zfb2","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22049.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22049","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20347","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20223","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20303","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20363","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20392","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20289","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20277","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20281","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22915","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22808","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23097","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22921","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.22912","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24864","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24903","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221647","reference_id":"2221647","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221647"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4166","reference_id":"RHSA-2023:4166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4167","reference_id":"RHSA-2023:4167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4168","reference_id":"RHSA-2023:4168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4172","reference_id":"RHSA-2023:4172","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4172"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4173","reference_id":"RHSA-2023:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4174","reference_id":"RHSA-2023:4174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4176","reference_id":"RHSA-2023:4176","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4178","reference_id":"RHSA-2023:4178","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4178"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4209","reference_id":"RHSA-2023:4209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4212","reference_id":"RHSA-2023:4212","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4212"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4876","reference_id":"RHSA-2023:4876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4877","reference_id":"RHSA-2023:4877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4877"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933621?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933622?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-22049"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gjgy-dfq7-zfb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34339?format=json","vulnerability_id":"VCID-gksn-mb6g-rue5","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35556.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35556.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35556","reference_id":"","reference_type":"","scores":[{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33383","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33025","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.3339","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33237","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33219","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33139","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33519","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33552","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33392","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33437","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33471","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33474","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33433","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.3341","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33446","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33421","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014515","reference_id":"2014515","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014515"},{"reference_url":"https://security.archlinux.org/AVG-2477","reference_id":"AVG-2477","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2477"},{"reference_url":"https://security.archlinux.org/AVG-2478","reference_id":"AVG-2478","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2478"},{"reference_url":"https://security.archlinux.org/AVG-2479","reference_id":"AVG-2479","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2479"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3884","reference_id":"RHSA-2021:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3885","reference_id":"RHSA-2021:3885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3886","reference_id":"RHSA-2021:3886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3887","reference_id":"RHSA-2021:3887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3889","reference_id":"RHSA-2021:3889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3891","reference_id":"RHSA-2021:3891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3892","reference_id":"RHSA-2021:3892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3893","reference_id":"RHSA-2021:3893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3893"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3960","reference_id":"RHSA-2021:3960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3961","reference_id":"RHSA-2021:3961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3967","reference_id":"RHSA-2021:3967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3968","reference_id":"RHSA-2021:3968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4135","reference_id":"RHSA-2021:4135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4531","reference_id":"RHSA-2021:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4532","reference_id":"RHSA-2021:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5030","reference_id":"RHSA-2021:5030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0310","reference_id":"RHSA-2022:0310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0345","reference_id":"RHSA-2022:0345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0345"},{"reference_url":"https://usn.ubuntu.com/5202-1/","reference_id":"USN-5202-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5202-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933607?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933608?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2021-35556"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gksn-mb6g-rue5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34426?format=json","vulnerability_id":"VCID-h2w2-8e43-j3g6","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21624.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21624.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21624","reference_id":"","reference_type":"","scores":[{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42206","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42234","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42175","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42226","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42257","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.4222","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42192","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.4187","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42096","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42093","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.4201","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.4215","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50242","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50243","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133765","reference_id":"2133765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133765"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6999","reference_id":"RHSA-2022:6999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7000","reference_id":"RHSA-2022:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7001","reference_id":"RHSA-2022:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7002","reference_id":"RHSA-2022:7002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7003","reference_id":"RHSA-2022:7003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7004","reference_id":"RHSA-2022:7004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7005","reference_id":"RHSA-2022:7005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7006","reference_id":"RHSA-2022:7006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7007","reference_id":"RHSA-2022:7007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7008","reference_id":"RHSA-2022:7008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7009","reference_id":"RHSA-2022:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7010","reference_id":"RHSA-2022:7010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7011","reference_id":"RHSA-2022:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7012","reference_id":"RHSA-2022:7012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7013","reference_id":"RHSA-2022:7013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7049","reference_id":"RHSA-2022:7049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7050","reference_id":"RHSA-2022:7050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7051","reference_id":"RHSA-2022:7051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7052","reference_id":"RHSA-2022:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7053","reference_id":"RHSA-2022:7053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7054","reference_id":"RHSA-2022:7054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8880","reference_id":"RHSA-2022:8880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0128","reference_id":"RHSA-2023:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0128"},{"reference_url":"https://usn.ubuntu.com/5719-1/","reference_id":"USN-5719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5719-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933615?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.5%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.5%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933616?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21624"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h2w2-8e43-j3g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76840?format=json","vulnerability_id":"VCID-h7n1-qfs3-v3fw","summary":"OpenJDK: HTTP/2 client improper reverse DNS lookup (8315708)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21012.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21012.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21012","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34492","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3498","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3502","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35005","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3496","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34731","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34711","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34621","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35055","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35082","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34962","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35007","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35036","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3504","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35004","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274975","reference_id":"2274975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2274975"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:15:43Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1819","reference_id":"RHSA-2024:1819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1820","reference_id":"RHSA-2024:1820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1821","reference_id":"RHSA-2024:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1822","reference_id":"RHSA-2024:1822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1823","reference_id":"RHSA-2024:1823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1824","reference_id":"RHSA-2024:1824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1825","reference_id":"RHSA-2024:1825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1826","reference_id":"RHSA-2024:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1827","reference_id":"RHSA-2024:1827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1828","reference_id":"RHSA-2024:1828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1828"},{"reference_url":"https://usn.ubuntu.com/6811-1/","reference_id":"USN-6811-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6811-1/"},{"reference_url":"https://usn.ubuntu.com/6812-1/","reference_id":"USN-6812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6812-1/"},{"reference_url":"https://usn.ubuntu.com/6813-1/","reference_id":"USN-6813-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6813-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933630?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933629?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933631?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21012"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h7n1-qfs3-v3fw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34343?format=json","vulnerability_id":"VCID-hdz7-kcy9-juah","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35564.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35564.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35564","reference_id":"","reference_type":"","scores":[{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28817","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2826","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28417","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28492","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28867","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28773","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28862","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28898","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28605","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2872","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2877","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28793","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28948","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28755","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28822","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2015061","reference_id":"2015061","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2015061"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/","reference_id":"6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/","reference_id":"7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/"},{"reference_url":"https://security.archlinux.org/AVG-2477","reference_id":"AVG-2477","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2477"},{"reference_url":"https://security.archlinux.org/AVG-2478","reference_id":"AVG-2478","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2478"},{"reference_url":"https://security.archlinux.org/AVG-2479","reference_id":"AVG-2479","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2479"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/","reference_id":"DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/"},{"reference_url":"https://www.debian.org/security/2021/dsa-5000","reference_id":"dsa-5000","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/"}],"url":"https://www.debian.org/security/2021/dsa-5000"},{"reference_url":"https://www.debian.org/security/2021/dsa-5012","reference_id":"dsa-5012","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/"}],"url":"https://www.debian.org/security/2021/dsa-5012"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/"}],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/","reference_id":"GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/","reference_id":"GXTUWAWXVU37GRNIG4TPMA47THO6VAE6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3884","reference_id":"RHSA-2021:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3885","reference_id":"RHSA-2021:3885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3886","reference_id":"RHSA-2021:3886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3887","reference_id":"RHSA-2021:3887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3889","reference_id":"RHSA-2021:3889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3891","reference_id":"RHSA-2021:3891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3892","reference_id":"RHSA-2021:3892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3893","reference_id":"RHSA-2021:3893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3893"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3960","reference_id":"RHSA-2021:3960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3961","reference_id":"RHSA-2021:3961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3967","reference_id":"RHSA-2021:3967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3968","reference_id":"RHSA-2021:3968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4135","reference_id":"RHSA-2021:4135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4531","reference_id":"RHSA-2021:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4532","reference_id":"RHSA-2021:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5030","reference_id":"RHSA-2021:5030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0310","reference_id":"RHSA-2022:0310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0345","reference_id":"RHSA-2022:0345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0345"},{"reference_url":"https://usn.ubuntu.com/5202-1/","reference_id":"USN-5202-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5202-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/","reference_id":"V362B2BWTH5IJDL45QPQGMBKIQOG7JX5","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T18:55:09Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933607?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933608?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2021-35564"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hdz7-kcy9-juah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34342?format=json","vulnerability_id":"VCID-he8f-erpk-sqh8","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35561.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35561.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35561","reference_id":"","reference_type":"","scores":[{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38981","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38632","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38756","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38839","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39109","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39168","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38862","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39071","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.3916","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.3919","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39136","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39155","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39192","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.3918","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39163","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39189","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014524","reference_id":"2014524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2014524"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/","reference_id":"6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/","reference_id":"7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTVCIVHTX3XONYOEGUMLKCM4QEC6INT/"},{"reference_url":"https://security.archlinux.org/AVG-2477","reference_id":"AVG-2477","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2477"},{"reference_url":"https://security.archlinux.org/AVG-2478","reference_id":"AVG-2478","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2478"},{"reference_url":"https://security.archlinux.org/AVG-2479","reference_id":"AVG-2479","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2479"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/","reference_id":"DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJILEHYV2U37HKMGFEQ7CAVOV4DUWW2O/"},{"reference_url":"https://www.debian.org/security/2021/dsa-5000","reference_id":"dsa-5000","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/"}],"url":"https://www.debian.org/security/2021/dsa-5000"},{"reference_url":"https://www.debian.org/security/2021/dsa-5012","reference_id":"dsa-5012","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/"}],"url":"https://www.debian.org/security/2021/dsa-5012"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/"}],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/","reference_id":"GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/","reference_id":"GXTUWAWXVU37GRNIG4TPMA47THO6VAE6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3884","reference_id":"RHSA-2021:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3885","reference_id":"RHSA-2021:3885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3886","reference_id":"RHSA-2021:3886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3887","reference_id":"RHSA-2021:3887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3889","reference_id":"RHSA-2021:3889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3891","reference_id":"RHSA-2021:3891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3892","reference_id":"RHSA-2021:3892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3893","reference_id":"RHSA-2021:3893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3893"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3960","reference_id":"RHSA-2021:3960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3961","reference_id":"RHSA-2021:3961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3967","reference_id":"RHSA-2021:3967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3968","reference_id":"RHSA-2021:3968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4135","reference_id":"RHSA-2021:4135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4531","reference_id":"RHSA-2021:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4532","reference_id":"RHSA-2021:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4957","reference_id":"RHSA-2022:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4959","reference_id":"RHSA-2022:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5837","reference_id":"RHSA-2022:5837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5837"},{"reference_url":"https://usn.ubuntu.com/5202-1/","reference_id":"USN-5202-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5202-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/","reference_id":"V362B2BWTH5IJDL45QPQGMBKIQOG7JX5","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-25T19:32:13Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V362B2BWTH5IJDL45QPQGMBKIQOG7JX5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933607?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933608?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2021-35561"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-he8f-erpk-sqh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79484?format=json","vulnerability_id":"VCID-hx4c-96gx-2fbq","summary":"OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21426.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21426.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21426","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.18988","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19097","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19139","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19149","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1924","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19524","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19476","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19251","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19231","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19268","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19326","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19374","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19371","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19319","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21426"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075788","reference_id":"2075788","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075788"},{"reference_url":"https://security.archlinux.org/AVG-2686","reference_id":"AVG-2686","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2686"},{"reference_url":"https://security.archlinux.org/AVG-2687","reference_id":"AVG-2687","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2687"},{"reference_url":"https://security.archlinux.org/AVG-2688","reference_id":"AVG-2688","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2688"},{"reference_url":"https://security.archlinux.org/AVG-2689","reference_id":"AVG-2689","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2689"},{"reference_url":"https://www.debian.org/security/2022/dsa-5128","reference_id":"dsa-5128","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/"}],"url":"https://www.debian.org/security/2022/dsa-5128"},{"reference_url":"https://www.debian.org/security/2022/dsa-5131","reference_id":"dsa-5131","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/"}],"url":"https://www.debian.org/security/2022/dsa-5131"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220429-0006/","reference_id":"ntap-20220429-0006","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:35:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220429-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1435","reference_id":"RHSA-2022:1435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1436","reference_id":"RHSA-2022:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1437","reference_id":"RHSA-2022:1437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1438","reference_id":"RHSA-2022:1438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1439","reference_id":"RHSA-2022:1439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1440","reference_id":"RHSA-2022:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1441","reference_id":"RHSA-2022:1441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1441"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1442","reference_id":"RHSA-2022:1442","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1443","reference_id":"RHSA-2022:1443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1444","reference_id":"RHSA-2022:1444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1445","reference_id":"RHSA-2022:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1487","reference_id":"RHSA-2022:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1488","reference_id":"RHSA-2022:1488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1489","reference_id":"RHSA-2022:1489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1490","reference_id":"RHSA-2022:1490","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1491","reference_id":"RHSA-2022:1491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1492","reference_id":"RHSA-2022:1492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1728","reference_id":"RHSA-2022:1728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1729","reference_id":"RHSA-2022:1729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2137","reference_id":"RHSA-2022:2137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3136","reference_id":"RHSA-2023:3136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3136"},{"reference_url":"https://usn.ubuntu.com/5388-1/","reference_id":"USN-5388-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5388-1/"},{"reference_url":"https://usn.ubuntu.com/5388-2/","reference_id":"USN-5388-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5388-2/"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"},{"reference_url":"https://usn.ubuntu.com/5546-2/","reference_id":"USN-5546-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933612?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933611?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21426"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hx4c-96gx-2fbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34429?format=json","vulnerability_id":"VCID-jm9f-9y4b-qye7","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39399.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39399.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39399","reference_id":"","reference_type":"","scores":[{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52035","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52061","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52027","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52081","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52077","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52129","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52113","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52098","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52138","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52142","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52122","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52069","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52075","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52038","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.51985","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133776","reference_id":"2133776","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133776"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6999","reference_id":"RHSA-2022:6999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7000","reference_id":"RHSA-2022:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7001","reference_id":"RHSA-2022:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7008","reference_id":"RHSA-2022:7008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7009","reference_id":"RHSA-2022:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7010","reference_id":"RHSA-2022:7010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7011","reference_id":"RHSA-2022:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7012","reference_id":"RHSA-2022:7012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7013","reference_id":"RHSA-2022:7013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7051","reference_id":"RHSA-2022:7051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7052","reference_id":"RHSA-2022:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7053","reference_id":"RHSA-2022:7053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7054","reference_id":"RHSA-2022:7054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7054"},{"reference_url":"https://usn.ubuntu.com/5719-1/","reference_id":"USN-5719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5719-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933615?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.5%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.5%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933616?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-39399"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jm9f-9y4b-qye7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31960?format=json","vulnerability_id":"VCID-jw6x-cntu-nfht","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22036.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22036","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26986","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.27022","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26812","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26881","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26928","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26932","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26888","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26831","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26809","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26771","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26714","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26706","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26636","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26502","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221634","reference_id":"2221634","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221634"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933621?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933622?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-22036"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jw6x-cntu-nfht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353681?format=json","vulnerability_id":"VCID-jxgd-j4wr-tyb7","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 2.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34268.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34268.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34268","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01698","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01704","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05774","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05765","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34268"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34268","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34268"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460043","reference_id":"2460043","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460043"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:55:07Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-34268"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxgd-j4wr-tyb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31976?format=json","vulnerability_id":"VCID-jztz-7cuw-t7ep","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20945","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11022","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1098","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10934","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10867","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12331","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12211","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1226","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12267","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12229","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12193","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1208","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12082","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12285","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1213","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257874","reference_id":"2257874","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257874"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933627?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933626?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933628?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-20945"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jztz-7cuw-t7ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79486?format=json","vulnerability_id":"VCID-kngz-x6mk-fqer","summary":"OpenJDK: Improper ECDSA signature verification (Libraries, 8277233)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21449.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21449.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21449","reference_id":"","reference_type":"","scores":[{"value":"0.34335","scoring_system":"epss","scoring_elements":"0.97","published_at":"2026-04-21T12:55:00Z"},{"value":"0.34335","scoring_system":"epss","scoring_elements":"0.96998","published_at":"2026-04-18T12:55:00Z"},{"value":"0.34335","scoring_system":"epss","scoring_elements":"0.96986","published_at":"2026-04-13T12:55:00Z"},{"value":"0.34335","scoring_system":"epss","scoring_elements":"0.96995","published_at":"2026-04-16T12:55:00Z"},{"value":"0.34335","scoring_system":"epss","scoring_elements":"0.96984","published_at":"2026-04-11T12:55:00Z"},{"value":"0.34335","scoring_system":"epss","scoring_elements":"0.9701","published_at":"2026-05-05T12:55:00Z"},{"value":"0.34335","scoring_system":"epss","scoring_elements":"0.97006","published_at":"2026-04-29T12:55:00Z"},{"value":"0.34335","scoring_system":"epss","scoring_elements":"0.97001","published_at":"2026-04-24T12:55:00Z"},{"value":"0.34335","scoring_system":"epss","scoring_elements":"0.97003","published_at":"2026-04-26T12:55:00Z"},{"value":"0.34898","scoring_system":"epss","scoring_elements":"0.97016","published_at":"2026-04-08T12:55:00Z"},{"value":"0.34898","scoring_system":"epss","scoring_elements":"0.97001","published_at":"2026-04-02T12:55:00Z"},{"value":"0.34898","scoring_system":"epss","scoring_elements":"0.97005","published_at":"2026-04-04T12:55:00Z"},{"value":"0.34898","scoring_system":"epss","scoring_elements":"0.97017","published_at":"2026-04-09T12:55:00Z"},{"value":"0.34898","scoring_system":"epss","scoring_elements":"0.97006","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/29/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/29/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/30/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/30/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/05/01/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/05/01/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/05/02/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/05/02/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/28/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/28/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/30/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/30/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/05/01/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/05/01/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075821","reference_id":"2075821","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075821"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/28/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/28/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/30/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/30/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/28/4","reference_id":"4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/28/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/30/4","reference_id":"4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/30/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/28/5","reference_id":"5","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/28/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/28/6","reference_id":"6","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/28/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/28/7","reference_id":"7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/28/7"},{"reference_url":"https://security.archlinux.org/AVG-2686","reference_id":"AVG-2686","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2686"},{"reference_url":"https://security.archlinux.org/AVG-2687","reference_id":"AVG-2687","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2687"},{"reference_url":"https://www.debian.org/security/2022/dsa-5128","reference_id":"dsa-5128","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"https://www.debian.org/security/2022/dsa-5128"},{"reference_url":"https://www.debian.org/security/2022/dsa-5131","reference_id":"dsa-5131","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"https://www.debian.org/security/2022/dsa-5131"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220429-0006/","reference_id":"ntap-20220429-0006","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:54Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220429-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1436","reference_id":"RHSA-2022:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1437","reference_id":"RHSA-2022:1437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1445","reference_id":"RHSA-2022:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1729","reference_id":"RHSA-2022:1729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1729"},{"reference_url":"https://usn.ubuntu.com/5388-2/","reference_id":"USN-5388-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5388-2/"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933612?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933611?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21449"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kngz-x6mk-fqer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78474?format=json","vulnerability_id":"VCID-kq78-adbv-67a7","summary":"OpenJDK: improper connection handling during TLS handshake (8294474)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21930","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35021","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35479","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35243","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35221","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35142","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36214","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36242","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36258","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36276","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36239","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36824","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36839","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36941","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36774","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36908","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187435","reference_id":"2187435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187435"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933619?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933618?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933620?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-21930"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kq78-adbv-67a7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34424?format=json","vulnerability_id":"VCID-m3e1-5tfw-uyhv","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21618.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21618","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47143","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47281","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47267","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47277","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47226","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52595","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52639","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52623","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52609","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52648","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52655","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52589","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52551","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52577","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52544","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133817","reference_id":"2133817","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133817"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6999","reference_id":"RHSA-2022:6999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7000","reference_id":"RHSA-2022:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7001","reference_id":"RHSA-2022:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7008","reference_id":"RHSA-2022:7008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7009","reference_id":"RHSA-2022:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7010","reference_id":"RHSA-2022:7010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7011","reference_id":"RHSA-2022:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7012","reference_id":"RHSA-2022:7012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7013","reference_id":"RHSA-2022:7013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7051","reference_id":"RHSA-2022:7051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7052","reference_id":"RHSA-2022:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7053","reference_id":"RHSA-2022:7053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7054","reference_id":"RHSA-2022:7054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7054"},{"reference_url":"https://usn.ubuntu.com/5719-1/","reference_id":"USN-5719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5719-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933615?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.5%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.5%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933616?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21618"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m3e1-5tfw-uyhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64941?format=json","vulnerability_id":"VCID-mt9c-tby1-wqe9","summary":"openjdk: Improve JMX connections (Oracle CPU 2026-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-21925.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21925","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10163","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10053","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10194","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10172","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10114","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10229","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10125","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.102","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1026","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10292","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10232","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10104","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10082","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10215","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21925"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21925"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119","reference_id":"1126119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429924","reference_id":"2429924","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429924"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T20:50:27Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0847","reference_id":"RHSA-2026:0847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0848","reference_id":"RHSA-2026:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0849","reference_id":"RHSA-2026:0849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0895","reference_id":"RHSA-2026:0895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0896","reference_id":"RHSA-2026:0896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0897","reference_id":"RHSA-2026:0897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0898","reference_id":"RHSA-2026:0898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0899","reference_id":"RHSA-2026:0899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0900","reference_id":"RHSA-2026:0900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0901","reference_id":"RHSA-2026:0901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0927","reference_id":"RHSA-2026:0927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0928","reference_id":"RHSA-2026:0928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0931","reference_id":"RHSA-2026:0931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0932","reference_id":"RHSA-2026:0932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0933","reference_id":"RHSA-2026:0933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1606","reference_id":"RHSA-2026:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4832","reference_id":"RHSA-2026:4832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4832"},{"reference_url":"https://usn.ubuntu.com/7995-1/","reference_id":"USN-7995-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7995-1/"},{"reference_url":"https://usn.ubuntu.com/7996-1/","reference_id":"USN-7996-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7996-1/"},{"reference_url":"https://usn.ubuntu.com/7997-1/","reference_id":"USN-7997-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7997-1/"},{"reference_url":"https://usn.ubuntu.com/7998-1/","reference_id":"USN-7998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7998-1/"},{"reference_url":"https://usn.ubuntu.com/8000-1/","reference_id":"USN-8000-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8000-1/"},{"reference_url":"https://usn.ubuntu.com/8001-1/","reference_id":"USN-8001-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8001-1/"},{"reference_url":"https://usn.ubuntu.com/8002-1/","reference_id":"USN-8002-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8002-1/"},{"reference_url":"https://usn.ubuntu.com/8003-1/","reference_id":"USN-8003-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8003-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933649?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933648?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933650?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.18%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.18%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-21925"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mt9c-tby1-wqe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34373?format=json","vulnerability_id":"VCID-mumk-x95v-bfc8","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21366.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21366.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21366","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37445","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.3747","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75391","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75412","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.7539","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75378","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.7542","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75426","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75416","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.7545","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75455","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75459","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75467","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75338","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75382","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21366"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041789","reference_id":"2041789","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041789"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21366"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mumk-x95v-bfc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74710?format=json","vulnerability_id":"VCID-n71d-tx76-vbbd","summary":"OpenJDK: Out-of-bounds access in 2D image handling (8324559)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21145.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21145.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21145","reference_id":"","reference_type":"","scores":[{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63686","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.6363","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63666","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63676","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63659","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63691","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63609","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63636","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63595","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63647","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63663","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63678","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297976","reference_id":"2297976","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297976"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2024.html","reference_id":"cpujul2024.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:58:12Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0008/","reference_id":"ntap-20240719-0008","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:58:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4560","reference_id":"RHSA-2024:4560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4561","reference_id":"RHSA-2024:4561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4562","reference_id":"RHSA-2024:4562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4563","reference_id":"RHSA-2024:4563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4564","reference_id":"RHSA-2024:4564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4565","reference_id":"RHSA-2024:4565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4566","reference_id":"RHSA-2024:4566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4567","reference_id":"RHSA-2024:4567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4568","reference_id":"RHSA-2024:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4569","reference_id":"RHSA-2024:4569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4570","reference_id":"RHSA-2024:4570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4571","reference_id":"RHSA-2024:4571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4572","reference_id":"RHSA-2024:4572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4573","reference_id":"RHSA-2024:4573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4573"},{"reference_url":"https://usn.ubuntu.com/6929-1/","reference_id":"USN-6929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6929-1/"},{"reference_url":"https://usn.ubuntu.com/6930-1/","reference_id":"USN-6930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6930-1/"},{"reference_url":"https://usn.ubuntu.com/6931-1/","reference_id":"USN-6931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6931-1/"},{"reference_url":"https://usn.ubuntu.com/6932-1/","reference_id":"USN-6932-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6932-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933633?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933632?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21145"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n71d-tx76-vbbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34354?format=json","vulnerability_id":"VCID-ne6z-gg9f-qkcy","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21282.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21282","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.33007","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.33041","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32871","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32918","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32948","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.3295","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32912","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32887","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32926","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32904","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32868","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32721","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32606","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32523","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32384","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041435","reference_id":"2041435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041435"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21282"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ne6z-gg9f-qkcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31970?format=json","vulnerability_id":"VCID-nr6u-aysf-7kgk","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20919","reference_id":"","reference_type":"","scores":[{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.35905","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36365","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36141","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36112","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00156","scoring_system":"epss","scoring_elements":"0.36025","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38309","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38228","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38237","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38255","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.3822","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38242","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38222","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38286","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0017","scoring_system":"epss","scoring_elements":"0.38178","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257853","reference_id":"2257853","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257853"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933627?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933626?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933628?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-20919"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nr6u-aysf-7kgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71990?format=json","vulnerability_id":"VCID-ntga-y6cv-a3df","summary":"openjdk: Enhance array handling (Oracle CPU 2025-01)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21502","reference_id":"","reference_type":"","scores":[{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42064","published_at":"2026-04-02T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41718","published_at":"2026-05-05T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41948","published_at":"2026-04-24T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41942","published_at":"2026-04-26T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41858","published_at":"2026-04-29T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42092","published_at":"2026-04-04T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42029","published_at":"2026-04-07T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42081","published_at":"2026-04-08T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42094","published_at":"2026-04-09T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42116","published_at":"2026-04-11T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42079","published_at":"2026-04-12T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42054","published_at":"2026-04-13T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42104","published_at":"2026-04-16T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42078","published_at":"2026-04-18T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42008","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338992","reference_id":"2338992","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2338992"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2025.html","reference_id":"cpujan2025.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T16:29:12Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0421","reference_id":"RHSA-2025:0421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0422","reference_id":"RHSA-2025:0422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0423","reference_id":"RHSA-2025:0423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0424","reference_id":"RHSA-2025:0424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0425","reference_id":"RHSA-2025:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0426","reference_id":"RHSA-2025:0426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0427","reference_id":"RHSA-2025:0427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0428","reference_id":"RHSA-2025:0428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0429","reference_id":"RHSA-2025:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1154","reference_id":"RHSA-2025:1154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2615","reference_id":"RHSA-2025:2615","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2615"},{"reference_url":"https://usn.ubuntu.com/7252-1/","reference_id":"USN-7252-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7252-1/"},{"reference_url":"https://usn.ubuntu.com/7253-1/","reference_id":"USN-7253-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7253-1/"},{"reference_url":"https://usn.ubuntu.com/7254-1/","reference_id":"USN-7254-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7254-1/"},{"reference_url":"https://usn.ubuntu.com/7255-1/","reference_id":"USN-7255-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7255-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933638?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.14%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.14%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933637?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.14%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.14%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933639?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.14%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.14%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2025-21502"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ntga-y6cv-a3df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66831?format=json","vulnerability_id":"VCID-nxx8-nehy-qyhg","summary":"openjdk: Enhance Path Factories (Oracle CPU 2025-10)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53066.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53066","reference_id":"","reference_type":"","scores":[{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17286","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.16809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17019","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17002","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.16946","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17335","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17115","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17207","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17263","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17241","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17193","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17073","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17078","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17113","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53066"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944","reference_id":"1118944","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118944"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403063","reference_id":"2403063","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2403063"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2025.html","reference_id":"cpuoct2025.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-22T19:44:34Z/"}],"url":"https://www.oracle.com/security-alerts/cpuoct2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18814","reference_id":"RHSA-2025:18814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18815","reference_id":"RHSA-2025:18815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18816","reference_id":"RHSA-2025:18816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18817","reference_id":"RHSA-2025:18817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18818","reference_id":"RHSA-2025:18818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18819","reference_id":"RHSA-2025:18819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18820","reference_id":"RHSA-2025:18820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18821","reference_id":"RHSA-2025:18821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18822","reference_id":"RHSA-2025:18822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18823","reference_id":"RHSA-2025:18823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18824","reference_id":"RHSA-2025:18824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18825","reference_id":"RHSA-2025:18825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18826","reference_id":"RHSA-2025:18826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21485","reference_id":"RHSA-2025:21485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22370","reference_id":"RHSA-2025:22370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22672","reference_id":"RHSA-2025:22672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22672"},{"reference_url":"https://usn.ubuntu.com/7881-1/","reference_id":"USN-7881-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7881-1/"},{"reference_url":"https://usn.ubuntu.com/7882-1/","reference_id":"USN-7882-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7882-1/"},{"reference_url":"https://usn.ubuntu.com/7883-1/","reference_id":"USN-7883-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7883-1/"},{"reference_url":"https://usn.ubuntu.com/7884-1/","reference_id":"USN-7884-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7884-1/"},{"reference_url":"https://usn.ubuntu.com/7885-1/","reference_id":"USN-7885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7885-1/"},{"reference_url":"https://usn.ubuntu.com/7900-1/","reference_id":"USN-7900-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7900-1/"},{"reference_url":"https://usn.ubuntu.com/7901-1/","reference_id":"USN-7901-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7901-1/"},{"reference_url":"https://usn.ubuntu.com/7902-1/","reference_id":"USN-7902-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7902-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933646?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933647?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2025-53066"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nxx8-nehy-qyhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34350?format=json","vulnerability_id":"VCID-p5ye-19wy-ayb8","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35603.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35603.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35603","reference_id":"","reference_type":"","scores":[{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31435","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31613","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3157","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31453","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31474","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3144","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31477","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31514","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31485","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31432","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33331","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.32961","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33078","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33159","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33176","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2015311","reference_id":"2015311","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2015311"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/","reference_id":"6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/"},{"reference_url":"https://security.archlinux.org/AVG-2477","reference_id":"AVG-2477","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2477"},{"reference_url":"https://security.archlinux.org/AVG-2478","reference_id":"AVG-2478","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2478"},{"reference_url":"https://security.archlinux.org/AVG-2479","reference_id":"AVG-2479","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2479"},{"reference_url":"https://www.debian.org/security/2021/dsa-5000","reference_id":"dsa-5000","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/"}],"url":"https://www.debian.org/security/2021/dsa-5000"},{"reference_url":"https://www.debian.org/security/2021/dsa-5012","reference_id":"dsa-5012","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/"}],"url":"https://www.debian.org/security/2021/dsa-5012"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/"}],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/","reference_id":"GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/","reference_id":"GXTUWAWXVU37GRNIG4TPMA47THO6VAE6","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:52:57Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3884","reference_id":"RHSA-2021:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3885","reference_id":"RHSA-2021:3885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3886","reference_id":"RHSA-2021:3886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3887","reference_id":"RHSA-2021:3887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3889","reference_id":"RHSA-2021:3889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3891","reference_id":"RHSA-2021:3891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3892","reference_id":"RHSA-2021:3892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3893","reference_id":"RHSA-2021:3893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3893"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3960","reference_id":"RHSA-2021:3960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3961","reference_id":"RHSA-2021:3961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3967","reference_id":"RHSA-2021:3967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3968","reference_id":"RHSA-2021:3968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4135","reference_id":"RHSA-2021:4135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4531","reference_id":"RHSA-2021:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4532","reference_id":"RHSA-2021:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0968","reference_id":"RHSA-2022:0968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0969","reference_id":"RHSA-2022:0969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0970","reference_id":"RHSA-2022:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0970"},{"reference_url":"https://usn.ubuntu.com/5202-1/","reference_id":"USN-5202-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5202-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933607?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933608?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2021-35603"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p5ye-19wy-ayb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68624?format=json","vulnerability_id":"VCID-p9na-7jta-9yg4","summary":"openjdk: Enhance TLS protocol support (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30754.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30754","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25474","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.3003","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29952","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29988","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.30077","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29891","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30396","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30304","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30194","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30078","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30002","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30352","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30305","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30321","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31356","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30754"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30754"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376784","reference_id":"2376784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376784"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-16T15:31:20Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10861","reference_id":"RHSA-2025:10861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10862","reference_id":"RHSA-2025:10862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10863","reference_id":"RHSA-2025:10863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10864","reference_id":"RHSA-2025:10864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13675","reference_id":"RHSA-2025:13675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13675"},{"reference_url":"https://usn.ubuntu.com/7667-1/","reference_id":"USN-7667-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7667-1/"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933644?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933643?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933645?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2025-30754"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p9na-7jta-9yg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78478?format=json","vulnerability_id":"VCID-q5gr-6u92-6ybk","summary":"OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21938","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24246","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24483","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24425","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.2441","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24367","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24993","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25005","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25188","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25073","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25087","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25047","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25149","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24998","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187758","reference_id":"2187758","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187758"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933619?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933618?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933620?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-21938"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q5gr-6u92-6ybk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53969?format=json","vulnerability_id":"VCID-rfs8-njaq-qkc8","summary":"Apache Xalan Java XSLT library integer truncation issue when processing malicious XSLT stylesheets\nThe Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode.\n\nA fix for this issue was published in September 2022 as part of an anticipated 2.7.3 release.","references":[{"reference_url":"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34169.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34169","reference_id":"","reference_type":"","scores":[{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91251","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.9124","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91239","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91215","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91216","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91212","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91199","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91186","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91206","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.91265","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06658","scoring_system":"epss","scoring_elements":"0.9125","published_at":"2026-04-29T12:55:00Z"},{"value":"0.08992","scoring_system":"epss","scoring_elements":"0.92585","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08992","scoring_system":"epss","scoring_elements":"0.92592","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34169"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git"},{"reference_url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=2e60d0a9a5b822c4abf9051857973b1c6babfe81"},{"reference_url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=ab57211e5d2e97cbed06786f919fa9b749c83573"},{"reference_url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gitbox.apache.org/repos/asf?p=xalan-java.git;a=commit;h=da3e0d06b467247643ce04e88d3346739d119f21"},{"reference_url":"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw"},{"reference_url":"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8"},{"reference_url":"https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread/x3f7xv3p1g32qj2hlg8wd57pwcpld471"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34169","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-34169"},{"reference_url":"https://security.gentoo.org/glsa/202401-25","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202401-25"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0009","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220729-0009"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240621-0006","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240621-0006"},{"reference_url":"https://www.debian.org/security/2022/dsa-5188","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5188"},{"reference_url":"https://www.debian.org/security/2022/dsa-5192","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5192"},{"reference_url":"https://www.debian.org/security/2022/dsa-5256","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5256"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2022.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"reference_url":"https://xalan.apache.org","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://xalan.apache.org"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/07/19/5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/07/19/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/07/19/6","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/07/19/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/07/20/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/07/20/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/07/20/3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/07/20/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/10/18/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/10/18/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/04/8","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/04/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/07/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/11/07/2"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860","reference_id":"1015860","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015860"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108554","reference_id":"2108554","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108554"},{"reference_url":"https://github.com/advisories/GHSA-9339-86wc-4qgf","reference_id":"GHSA-9339-86wc-4qgf","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9339-86wc-4qgf"},{"reference_url":"https://security.gentoo.org/glsa/202405-16","reference_id":"GLSA-202405-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5681","reference_id":"RHSA-2022:5681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5683","reference_id":"RHSA-2022:5683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5684","reference_id":"RHSA-2022:5684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5685","reference_id":"RHSA-2022:5685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5687","reference_id":"RHSA-2022:5687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5695","reference_id":"RHSA-2022:5695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5696","reference_id":"RHSA-2022:5696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5697","reference_id":"RHSA-2022:5697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5698","reference_id":"RHSA-2022:5698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5700","reference_id":"RHSA-2022:5700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5701","reference_id":"RHSA-2022:5701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5709","reference_id":"RHSA-2022:5709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5726","reference_id":"RHSA-2022:5726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5736","reference_id":"RHSA-2022:5736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5753","reference_id":"RHSA-2022:5753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5754","reference_id":"RHSA-2022:5754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5755","reference_id":"RHSA-2022:5755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5756","reference_id":"RHSA-2022:5756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5757","reference_id":"RHSA-2022:5757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5758","reference_id":"RHSA-2022:5758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5758"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3708","reference_id":"RHSA-2024:3708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3708"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"},{"reference_url":"https://usn.ubuntu.com/5546-2/","reference_id":"USN-5546-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933614?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.4%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933613?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.4%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-34169","GHSA-9339-86wc-4qgf"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rfs8-njaq-qkc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34362?format=json","vulnerability_id":"VCID-rgbz-akft-f7e6","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21296.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21296.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21296","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.33007","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.33041","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32871","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32918","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32948","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.3295","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32912","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32887","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32926","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32904","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32868","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32721","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32606","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32523","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32384","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041439","reference_id":"2041439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041439"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21296"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rgbz-akft-f7e6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74713?format=json","vulnerability_id":"VCID-rggy-f3va-mfay","summary":"OpenJDK: RangeCheckElimination array index overflow (8323231)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21147","reference_id":"","reference_type":"","scores":[{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72562","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72531","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72521","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72563","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72571","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72569","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.7244","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72458","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72434","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72472","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72485","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72508","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.7249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.7248","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00721","scoring_system":"epss","scoring_elements":"0.72522","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297977","reference_id":"2297977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297977"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2024.html","reference_id":"cpujul2024.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T13:58:31Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0008/","reference_id":"ntap-20240719-0008","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T13:58:31Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4560","reference_id":"RHSA-2024:4560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4561","reference_id":"RHSA-2024:4561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4562","reference_id":"RHSA-2024:4562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4563","reference_id":"RHSA-2024:4563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4564","reference_id":"RHSA-2024:4564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4565","reference_id":"RHSA-2024:4565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4566","reference_id":"RHSA-2024:4566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4567","reference_id":"RHSA-2024:4567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4568","reference_id":"RHSA-2024:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4569","reference_id":"RHSA-2024:4569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4570","reference_id":"RHSA-2024:4570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4571","reference_id":"RHSA-2024:4571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4572","reference_id":"RHSA-2024:4572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4573","reference_id":"RHSA-2024:4573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4573"},{"reference_url":"https://usn.ubuntu.com/6929-1/","reference_id":"USN-6929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6929-1/"},{"reference_url":"https://usn.ubuntu.com/6930-1/","reference_id":"USN-6930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6930-1/"},{"reference_url":"https://usn.ubuntu.com/6931-1/","reference_id":"USN-6931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6931-1/"},{"reference_url":"https://usn.ubuntu.com/6932-1/","reference_id":"USN-6932-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6932-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933633?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933632?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21147"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rggy-f3va-mfay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34365?format=json","vulnerability_id":"VCID-shg1-t3nh-67hk","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21305.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21305.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21305","reference_id":"","reference_type":"","scores":[{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45854","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45875","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45825","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45881","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45878","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.459","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.4587","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45877","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.4593","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45924","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45799","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45809","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45751","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45645","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041878","reference_id":"2041878","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041878"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21305"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-shg1-t3nh-67hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353829?format=json","vulnerability_id":"VCID-sz6r-65q1-q3bh","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22021.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22021.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22021","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11627","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11666","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14194","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14332","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22021"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460042","reference_id":"2460042","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460042"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T13:58:16Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-22021"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sz6r-65q1-q3bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60301?format=json","vulnerability_id":"VCID-t4r8-ujpb-5kdk","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21541.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21541","reference_id":"","reference_type":"","scores":[{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60711","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60739","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60741","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60706","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60755","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.6077","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60795","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60781","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60804","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60809","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60794","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60782","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00401","scoring_system":"epss","scoring_elements":"0.60787","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34169"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108543","reference_id":"2108543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2108543"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/","reference_id":"H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/","reference_id":"I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/","reference_id":"JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/","reference_id":"KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/","reference_id":"L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220729-0009/","reference_id":"ntap-20220729-0009","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220729-0009/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5681","reference_id":"RHSA-2022:5681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5683","reference_id":"RHSA-2022:5683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5684","reference_id":"RHSA-2022:5684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5685","reference_id":"RHSA-2022:5685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5687","reference_id":"RHSA-2022:5687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5695","reference_id":"RHSA-2022:5695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5696","reference_id":"RHSA-2022:5696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5697","reference_id":"RHSA-2022:5697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5698","reference_id":"RHSA-2022:5698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5700","reference_id":"RHSA-2022:5700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5701","reference_id":"RHSA-2022:5701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5709","reference_id":"RHSA-2022:5709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5726","reference_id":"RHSA-2022:5726","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5726"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5736","reference_id":"RHSA-2022:5736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5753","reference_id":"RHSA-2022:5753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5754","reference_id":"RHSA-2022:5754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5755","reference_id":"RHSA-2022:5755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5756","reference_id":"RHSA-2022:5756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5757","reference_id":"RHSA-2022:5757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5758","reference_id":"RHSA-2022:5758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5758"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"},{"reference_url":"https://usn.ubuntu.com/5546-2/","reference_id":"USN-5546-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/","reference_id":"YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-11T20:42:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933614?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.4%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933613?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.4%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.4%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21541"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t4r8-ujpb-5kdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34357?format=json","vulnerability_id":"VCID-tna8-m3b1-nkhn","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21291.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21291.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21291","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32017","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.32057","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32861","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32862","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32824","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32799","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32841","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32818","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32783","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32632","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32517","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32434","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32298","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32785","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32832","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041831","reference_id":"2041831","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041831"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21291"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tna8-m3b1-nkhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34367?format=json","vulnerability_id":"VCID-tr4r-wm4s-auej","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21340.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21340.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21340","reference_id":"","reference_type":"","scores":[{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.91022","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.91031","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.9104","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.91052","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.91059","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.91067","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.91091","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.91093","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.91106","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.91104","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.91099","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06446","scoring_system":"epss","scoring_elements":"0.91115","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041884","reference_id":"2041884","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041884"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0968","reference_id":"RHSA-2022:0968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0969","reference_id":"RHSA-2022:0969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0970","reference_id":"RHSA-2022:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0970"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21340"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tr4r-wm4s-auej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70363?format=json","vulnerability_id":"VCID-u81s-cs95-4yhx","summary":"openjdk: Better TLS connection support (Oracle CPU 2025-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21587.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21587","reference_id":"","reference_type":"","scores":[{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.687","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68816","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68825","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.6883","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68837","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68718","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68696","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68748","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68767","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68789","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68775","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68746","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68788","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68798","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.68776","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-21587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21587"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897","reference_id":"1103897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898","reference_id":"1103898","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899","reference_id":"1103899","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900","reference_id":"1103900","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359695","reference_id":"2359695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359695"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T03:55:41Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3844","reference_id":"RHSA-2025:3844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3845","reference_id":"RHSA-2025:3845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3846","reference_id":"RHSA-2025:3846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3847","reference_id":"RHSA-2025:3847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3848","reference_id":"RHSA-2025:3848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3849","reference_id":"RHSA-2025:3849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3850","reference_id":"RHSA-2025:3850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3852","reference_id":"RHSA-2025:3852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3853","reference_id":"RHSA-2025:3853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3854","reference_id":"RHSA-2025:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3855","reference_id":"RHSA-2025:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3856","reference_id":"RHSA-2025:3856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3857","reference_id":"RHSA-2025:3857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7508","reference_id":"RHSA-2025:7508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8063","reference_id":"RHSA-2025:8063","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8063"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8431","reference_id":"RHSA-2025:8431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8431"},{"reference_url":"https://usn.ubuntu.com/7480-1/","reference_id":"USN-7480-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7480-1/"},{"reference_url":"https://usn.ubuntu.com/7481-1/","reference_id":"USN-7481-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7481-1/"},{"reference_url":"https://usn.ubuntu.com/7482-1/","reference_id":"USN-7482-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7482-1/"},{"reference_url":"https://usn.ubuntu.com/7483-1/","reference_id":"USN-7483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7483-1/"},{"reference_url":"https://usn.ubuntu.com/7484-1/","reference_id":"USN-7484-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7484-1/"},{"reference_url":"https://usn.ubuntu.com/7531-1/","reference_id":"USN-7531-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7531-1/"},{"reference_url":"https://usn.ubuntu.com/7533-1/","reference_id":"USN-7533-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7533-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933641?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933640?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933642?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.15%2B6-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2025-21587"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u81s-cs95-4yhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34331?format=json","vulnerability_id":"VCID-u9xe-x4f1-9fc8","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2163.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2163.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2163","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26911","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26469","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26604","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26673","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2695","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26679","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26736","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26775","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26803","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26795","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26852","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26896","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26893","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26846","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26986","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26777","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-2163"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2163","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2163"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1951217","reference_id":"1951217","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1951217"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/","reference_id":"5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ACX4JEVYH6H4PSMGMYWTGABPOFPH3TS/"},{"reference_url":"https://security.archlinux.org/AVG-1847","reference_id":"AVG-1847","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1847"},{"reference_url":"https://security.archlinux.org/AVG-1848","reference_id":"AVG-1848","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1848"},{"reference_url":"https://security.archlinux.org/AVG-1849","reference_id":"AVG-1849","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1849"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/","reference_id":"CFXOKM2233JVGYDOWW77BN54X3GZTIBK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFXOKM2233JVGYDOWW77BN54X3GZTIBK/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/","reference_id":"CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CG7EWXSO6JUCVHP7R3SOZQ7WPNBOISJH/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4899","reference_id":"dsa-4899","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/"}],"url":"https://www.debian.org/security/2021/dsa-4899"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/"}],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/","reference_id":"MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MAULPCQFLAMBJIS27YLNNX6IHRFJMVP4/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00021.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/","reference_id":"MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVDY4T5XMSYDQT6RRKPMRCV4MVGS7KXF/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20210513-0001/","reference_id":"ntap-20210513-0001","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/"}],"url":"https://security.netapp.com/advisory/ntap-20210513-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1297","reference_id":"RHSA-2021:1297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1298","reference_id":"RHSA-2021:1298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1299","reference_id":"RHSA-2021:1299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1301","reference_id":"RHSA-2021:1301","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1301"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1305","reference_id":"RHSA-2021:1305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1306","reference_id":"RHSA-2021:1306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1307","reference_id":"RHSA-2021:1307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1315","reference_id":"RHSA-2021:1315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1444","reference_id":"RHSA-2021:1444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1445","reference_id":"RHSA-2021:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1446","reference_id":"RHSA-2021:1446","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1446"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1447","reference_id":"RHSA-2021:1447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6735","reference_id":"RHSA-2022:6735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6755","reference_id":"RHSA-2022:6755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6756","reference_id":"RHSA-2022:6756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6756"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/","reference_id":"UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T14:44:06Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UD3JEP4HPLK7MNZHVUMKIJPBP74M3A2V/"},{"reference_url":"https://usn.ubuntu.com/4892-1/","reference_id":"USN-4892-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4892-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933606?format=json","purl":"pkg:deb/debian/openjdk-17@17~19-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17~19-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2021-2163"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9xe-x4f1-9fc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34428?format=json","vulnerability_id":"VCID-um54-6ggz-gqf9","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21628.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21628.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21628","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48077","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.47967","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48098","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48048","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48101","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48096","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48119","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48094","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48105","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48107","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48088","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.481","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48047","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00404","scoring_system":"epss","scoring_elements":"0.60983","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00404","scoring_system":"epss","scoring_elements":"0.60977","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133769","reference_id":"2133769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2133769"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/","reference_id":"37QDWJBGEPP65X43NXQTXQ7KASLUHON6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/37QDWJBGEPP65X43NXQTXQ7KASLUHON6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/","reference_id":"3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3ARF4QF4N3X5GSFHXUBWARGLISGKJ33R/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/","reference_id":"3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QLQ7OD33W6LT3HWI7VYDFFJLV75Y73K/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/","reference_id":"EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXSBV3W6EP6B7XJ63Z2FPVBH6HAPGJ5T/"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/","reference_id":"HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HNGMDNIHAA73BEX6XPA2IMXJSGOKKYE6/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20221028-0012/","reference_id":"ntap-20221028-0012","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://security.netapp.com/advisory/ntap-20221028-0012/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/","reference_id":"PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-23T16:44:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PB3CIGOFG7CENUVVE4FFZT2HI5FO77XU/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6999","reference_id":"RHSA-2022:6999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7000","reference_id":"RHSA-2022:7000","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7000"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7001","reference_id":"RHSA-2022:7001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7002","reference_id":"RHSA-2022:7002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7003","reference_id":"RHSA-2022:7003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7004","reference_id":"RHSA-2022:7004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7005","reference_id":"RHSA-2022:7005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7006","reference_id":"RHSA-2022:7006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7007","reference_id":"RHSA-2022:7007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7008","reference_id":"RHSA-2022:7008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7009","reference_id":"RHSA-2022:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7010","reference_id":"RHSA-2022:7010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7011","reference_id":"RHSA-2022:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7012","reference_id":"RHSA-2022:7012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7013","reference_id":"RHSA-2022:7013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7049","reference_id":"RHSA-2022:7049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7050","reference_id":"RHSA-2022:7050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7051","reference_id":"RHSA-2022:7051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7052","reference_id":"RHSA-2022:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7053","reference_id":"RHSA-2022:7053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7054","reference_id":"RHSA-2022:7054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8880","reference_id":"RHSA-2022:8880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0128","reference_id":"RHSA-2023:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0128"},{"reference_url":"https://usn.ubuntu.com/5719-1/","reference_id":"USN-5719-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5719-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933615?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.5%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.5%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933616?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.6%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.6%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21628"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-um54-6ggz-gqf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68627?format=json","vulnerability_id":"VCID-vbw8-4j9f-eya5","summary":"openjdk: Glyph out-of-memory access and crash (Oracle CPU 2025-07)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-50106.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50106","reference_id":"","reference_type":"","scores":[{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42096","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46091","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46089","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46088","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00232","scoring_system":"epss","scoring_elements":"0.46035","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49267","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49288","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49246","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49255","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49213","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.4924","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49245","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49292","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51332","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-50106"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50106"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379031","reference_id":"2379031","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379031"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2025.html","reference_id":"cpujul2025.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-15T20:22:48Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10861","reference_id":"RHSA-2025:10861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10862","reference_id":"RHSA-2025:10862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10863","reference_id":"RHSA-2025:10863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10864","reference_id":"RHSA-2025:10864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10865","reference_id":"RHSA-2025:10865","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10866","reference_id":"RHSA-2025:10866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10867","reference_id":"RHSA-2025:10867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10868","reference_id":"RHSA-2025:10868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10869","reference_id":"RHSA-2025:10869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10870","reference_id":"RHSA-2025:10870","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10873","reference_id":"RHSA-2025:10873","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10874","reference_id":"RHSA-2025:10874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10875","reference_id":"RHSA-2025:10875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13656","reference_id":"RHSA-2025:13656","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13675","reference_id":"RHSA-2025:13675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://usn.ubuntu.com/7667-1/","reference_id":"USN-7667-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7667-1/"},{"reference_url":"https://usn.ubuntu.com/7668-1/","reference_id":"USN-7668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7668-1/"},{"reference_url":"https://usn.ubuntu.com/7669-1/","reference_id":"USN-7669-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7669-1/"},{"reference_url":"https://usn.ubuntu.com/7672-1/","reference_id":"USN-7672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7672-1/"},{"reference_url":"https://usn.ubuntu.com/7673-1/","reference_id":"USN-7673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7673-1/"},{"reference_url":"https://usn.ubuntu.com/7674-1/","reference_id":"USN-7674-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7674-1/"},{"reference_url":"https://usn.ubuntu.com/7690-1/","reference_id":"USN-7690-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7690-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933644?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933643?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933645?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.16%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.16%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2025-50106"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vbw8-4j9f-eya5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31978?format=json","vulnerability_id":"VCID-vpnc-yu7r-bqb6","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21208.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21208","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16717","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16915","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16899","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16849","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1719","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17241","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17021","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17111","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17169","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17144","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17096","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17036","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16971","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16975","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17012","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21208"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21208"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318526","reference_id":"2318526","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318526"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.15:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.11:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933635?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933636?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933634?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-2~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-2~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21208"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpnc-yu7r-bqb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31959?format=json","vulnerability_id":"VCID-vuhe-re6z-8kax","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22025.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22025.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22025","reference_id":"","reference_type":"","scores":[{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32344","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31683","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32217","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32251","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.3223","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32201","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32039","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31912","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31831","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32382","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32207","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32256","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32285","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32286","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.32248","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243805","reference_id":"2243805","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243805"},{"reference_url":"https://www.debian.org/security/2023/dsa-5548","reference_id":"dsa-5548","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:28:29Z/"}],"url":"https://www.debian.org/security/2023/dsa-5548"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231027-0006/","reference_id":"ntap-20231027-0006","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:28:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231027-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5745","reference_id":"RHSA-2023:5745","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5746","reference_id":"RHSA-2023:5746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5747","reference_id":"RHSA-2023:5747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5750","reference_id":"RHSA-2023:5750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5751","reference_id":"RHSA-2023:5751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5752","reference_id":"RHSA-2023:5752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5753","reference_id":"RHSA-2023:5753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6738","reference_id":"RHSA-2023:6738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6887","reference_id":"RHSA-2023:6887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6887"},{"reference_url":"https://usn.ubuntu.com/6527-1/","reference_id":"USN-6527-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6527-1/"},{"reference_url":"https://usn.ubuntu.com/6528-1/","reference_id":"USN-6528-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6528-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933624?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.9%2B9-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933623?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.9%2B9-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933625?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.9%2B9-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.9%252B9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-22025"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vuhe-re6z-8kax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31969?format=json","vulnerability_id":"VCID-wn4r-ugaa-5ydb","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-20918.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20918","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44288","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46929","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46936","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46944","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46999","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46995","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4689","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46923","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4694","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46888","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46942","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46939","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46963","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20918"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20952"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257728","reference_id":"2257728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257728"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-01-25T05:01:02Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0222","reference_id":"RHSA-2024:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0223","reference_id":"RHSA-2024:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0224","reference_id":"RHSA-2024:0224","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0224"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0225","reference_id":"RHSA-2024:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0226","reference_id":"RHSA-2024:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0228","reference_id":"RHSA-2024:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0230","reference_id":"RHSA-2024:0230","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0231","reference_id":"RHSA-2024:0231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0232","reference_id":"RHSA-2024:0232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0233","reference_id":"RHSA-2024:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0234","reference_id":"RHSA-2024:0234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0235","reference_id":"RHSA-2024:0235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0237","reference_id":"RHSA-2024:0237","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0237"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0239","reference_id":"RHSA-2024:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0240","reference_id":"RHSA-2024:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0241","reference_id":"RHSA-2024:0241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0241"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0242","reference_id":"RHSA-2024:0242","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0242"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0244","reference_id":"RHSA-2024:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0246","reference_id":"RHSA-2024:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0247","reference_id":"RHSA-2024:0247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0248","reference_id":"RHSA-2024:0248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0249","reference_id":"RHSA-2024:0249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0250","reference_id":"RHSA-2024:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0265","reference_id":"RHSA-2024:0265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0266","reference_id":"RHSA-2024:0266","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0266"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0267","reference_id":"RHSA-2024:0267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1481","reference_id":"RHSA-2024:1481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1482","reference_id":"RHSA-2024:1482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1482"},{"reference_url":"https://usn.ubuntu.com/6660-1/","reference_id":"USN-6660-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6660-1/"},{"reference_url":"https://usn.ubuntu.com/6661-1/","reference_id":"USN-6661-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6661-1/"},{"reference_url":"https://usn.ubuntu.com/6662-1/","reference_id":"USN-6662-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6662-1/"},{"reference_url":"https://usn.ubuntu.com/6696-1/","reference_id":"USN-6696-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6696-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933627?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933626?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933628?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.10%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.10%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-20918"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wn4r-ugaa-5ydb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34363?format=json","vulnerability_id":"VCID-ws4h-edpn-nudd","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21299.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21299.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21299","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26898","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26933","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2672","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26789","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26838","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26841","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26796","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26739","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26747","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26719","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26683","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26627","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2662","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26548","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26415","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041472","reference_id":"2041472","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041472"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4918","reference_id":"RHSA-2022:4918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4919","reference_id":"RHSA-2022:4919","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4919"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4922","reference_id":"RHSA-2022:4922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4957","reference_id":"RHSA-2022:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4957"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21299"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ws4h-edpn-nudd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31957?format=json","vulnerability_id":"VCID-x4ms-sbj7-aufu","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22006.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22006","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32482","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32964","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32818","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32705","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.32622","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35226","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35255","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3522","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35196","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35235","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35221","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35251","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35272","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.353","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35182","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221626","reference_id":"2221626","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2221626"},{"reference_url":"https://security.gentoo.org/glsa/202407-24","reference_id":"GLSA-202407-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-24"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4157","reference_id":"RHSA-2023:4157","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4157"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4158","reference_id":"RHSA-2023:4158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4159","reference_id":"RHSA-2023:4159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4161","reference_id":"RHSA-2023:4161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4162","reference_id":"RHSA-2023:4162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4163","reference_id":"RHSA-2023:4163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4164","reference_id":"RHSA-2023:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4165","reference_id":"RHSA-2023:4165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4169","reference_id":"RHSA-2023:4169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4170","reference_id":"RHSA-2023:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4171","reference_id":"RHSA-2023:4171","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4171"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4175","reference_id":"RHSA-2023:4175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4177","reference_id":"RHSA-2023:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4208","reference_id":"RHSA-2023:4208","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4208"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4210","reference_id":"RHSA-2023:4210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4211","reference_id":"RHSA-2023:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4233","reference_id":"RHSA-2023:4233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4233"},{"reference_url":"https://usn.ubuntu.com/6263-1/","reference_id":"USN-6263-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6263-1/"},{"reference_url":"https://usn.ubuntu.com/6272-1/","reference_id":"USN-6272-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6272-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933621?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933622?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.8%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.8%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-22006"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x4ms-sbj7-aufu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34351?format=json","vulnerability_id":"VCID-xfqx-d3jw-yuhn","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21248.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21248.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21248","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24337","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23875","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2437","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24153","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2422","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24263","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2428","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24237","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2418","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24196","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24183","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2416","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24037","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24025","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23985","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041801","reference_id":"2041801","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041801"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/","reference_id":"2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4J2N4FNXW6JKJBWUZH6SNI2UHCZXQXCY/","reference_id":"4J2N4FNXW6JKJBWUZH6SNI2UHCZXQXCY","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4J2N4FNXW6JKJBWUZH6SNI2UHCZXQXCY/"},{"reference_url":"https://www.debian.org/security/2022/dsa-5057","reference_id":"dsa-5057","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/"}],"url":"https://www.debian.org/security/2022/dsa-5057"},{"reference_url":"https://www.debian.org/security/2022/dsa-5058","reference_id":"dsa-5058","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/"}],"url":"https://www.debian.org/security/2022/dsa-5058"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/"}],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPIWQ6DL5IPOT54UBWTISG5T24FQJ7MN/","reference_id":"KPIWQ6DL5IPOT54UBWTISG5T24FQJ7MN","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPIWQ6DL5IPOT54UBWTISG5T24FQJ7MN/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220121-0007/","reference_id":"ntap-20220121-0007","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T17:45:14Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220121-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0304","reference_id":"RHSA-2022:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0305","reference_id":"RHSA-2022:0305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0306","reference_id":"RHSA-2022:0306","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0307","reference_id":"RHSA-2022:0307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0312","reference_id":"RHSA-2022:0312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0317","reference_id":"RHSA-2022:0317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0321","reference_id":"RHSA-2022:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0321"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0968","reference_id":"RHSA-2022:0968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0969","reference_id":"RHSA-2022:0969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0969"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0970","reference_id":"RHSA-2022:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0970"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21248"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfqx-d3jw-yuhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78476?format=json","vulnerability_id":"VCID-xk2v-7cgk-13ex","summary":"OpenJDK: certificate validation issue in TLS session negotiation (8298310)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21967","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20705","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20967","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20837","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20834","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20802","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21607","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21605","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21556","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21691","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21702","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21664","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2175","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21613","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187704","reference_id":"2187704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187704"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933619?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933618?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933620?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.7%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.7%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2023-21967"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xk2v-7cgk-13ex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353832?format=json","vulnerability_id":"VCID-xte1-h9nn-4bbk","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22018.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22018.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22018","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11627","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11666","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14194","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14332","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22018"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22018","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22018"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460041","reference_id":"2460041","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460041"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:05:52Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-22018"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xte1-h9nn-4bbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79489?format=json","vulnerability_id":"VCID-y5qu-j3wt-wuej","summary":"OpenJDK: URI parsing inconsistencies (JNDI, 8278972)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21496.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21496.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21496","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28899","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29303","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28679","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28828","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29352","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29164","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29228","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29269","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29275","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29229","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29176","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29203","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29178","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29132","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.2901","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075849","reference_id":"2075849","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075849"},{"reference_url":"https://security.archlinux.org/AVG-2686","reference_id":"AVG-2686","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2686"},{"reference_url":"https://security.archlinux.org/AVG-2687","reference_id":"AVG-2687","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2687"},{"reference_url":"https://security.archlinux.org/AVG-2688","reference_id":"AVG-2688","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2688"},{"reference_url":"https://security.archlinux.org/AVG-2689","reference_id":"AVG-2689","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2689"},{"reference_url":"https://www.debian.org/security/2022/dsa-5128","reference_id":"dsa-5128","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/"}],"url":"https://www.debian.org/security/2022/dsa-5128"},{"reference_url":"https://www.debian.org/security/2022/dsa-5131","reference_id":"dsa-5131","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/"}],"url":"https://www.debian.org/security/2022/dsa-5131"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220429-0006/","reference_id":"ntap-20220429-0006","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-24T13:53:50Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220429-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1435","reference_id":"RHSA-2022:1435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1436","reference_id":"RHSA-2022:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1437","reference_id":"RHSA-2022:1437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1438","reference_id":"RHSA-2022:1438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1439","reference_id":"RHSA-2022:1439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1440","reference_id":"RHSA-2022:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1441","reference_id":"RHSA-2022:1441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1441"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1442","reference_id":"RHSA-2022:1442","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1443","reference_id":"RHSA-2022:1443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1444","reference_id":"RHSA-2022:1444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1445","reference_id":"RHSA-2022:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1487","reference_id":"RHSA-2022:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1488","reference_id":"RHSA-2022:1488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1489","reference_id":"RHSA-2022:1489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1490","reference_id":"RHSA-2022:1490","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1491","reference_id":"RHSA-2022:1491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1492","reference_id":"RHSA-2022:1492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1728","reference_id":"RHSA-2022:1728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1729","reference_id":"RHSA-2022:1729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2137","reference_id":"RHSA-2022:2137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4957","reference_id":"RHSA-2022:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4959","reference_id":"RHSA-2022:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5837","reference_id":"RHSA-2022:5837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5837"},{"reference_url":"https://usn.ubuntu.com/5388-1/","reference_id":"USN-5388-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5388-1/"},{"reference_url":"https://usn.ubuntu.com/5388-2/","reference_id":"USN-5388-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5388-2/"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"},{"reference_url":"https://usn.ubuntu.com/5546-2/","reference_id":"USN-5546-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933612?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933611?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21496"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y5qu-j3wt-wuej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70362?format=json","vulnerability_id":"VCID-y8bc-k5qu-c7f5","summary":"openjdk: Improve compiler transformations (Oracle CPU 2025-04)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30691.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30691","reference_id":"","reference_type":"","scores":[{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58784","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58774","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58811","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58826","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.5881","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58827","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58833","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58851","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58814","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00369","scoring_system":"epss","scoring_elements":"0.58846","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30691"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30691"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897","reference_id":"1103897","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898","reference_id":"1103898","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899","reference_id":"1103899","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900","reference_id":"1103900","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359694","reference_id":"2359694","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2359694"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2025.html","reference_id":"cpuapr2025.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:24:18Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3844","reference_id":"RHSA-2025:3844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3845","reference_id":"RHSA-2025:3845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3846","reference_id":"RHSA-2025:3846","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3846"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3847","reference_id":"RHSA-2025:3847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3848","reference_id":"RHSA-2025:3848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3849","reference_id":"RHSA-2025:3849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3850","reference_id":"RHSA-2025:3850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3852","reference_id":"RHSA-2025:3852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3853","reference_id":"RHSA-2025:3853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3854","reference_id":"RHSA-2025:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3855","reference_id":"RHSA-2025:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3856","reference_id":"RHSA-2025:3856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3857","reference_id":"RHSA-2025:3857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7508","reference_id":"RHSA-2025:7508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7508"},{"reference_url":"https://usn.ubuntu.com/7480-1/","reference_id":"USN-7480-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7480-1/"},{"reference_url":"https://usn.ubuntu.com/7481-1/","reference_id":"USN-7481-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7481-1/"},{"reference_url":"https://usn.ubuntu.com/7482-1/","reference_id":"USN-7482-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7482-1/"},{"reference_url":"https://usn.ubuntu.com/7483-1/","reference_id":"USN-7483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7483-1/"},{"reference_url":"https://usn.ubuntu.com/7484-1/","reference_id":"USN-7484-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7484-1/"},{"reference_url":"https://usn.ubuntu.com/7531-1/","reference_id":"USN-7531-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7531-1/"},{"reference_url":"https://usn.ubuntu.com/7533-1/","reference_id":"USN-7533-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7533-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933641?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933640?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.15%2B6-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933642?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.15%2B6-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.15%252B6-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2025-30691"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y8bc-k5qu-c7f5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34347?format=json","vulnerability_id":"VCID-yxk8-59zb-y7g2","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35578.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-35578.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35578","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34514","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.3416","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.3429","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34375","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34758","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34631","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34671","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34685","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34648","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34672","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34711","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34707","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34679","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34635","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34732","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34393","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-35578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35567"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35586"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35603"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2015653","reference_id":"2015653","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2015653"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/","reference_id":"6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK/"},{"reference_url":"https://security.archlinux.org/AVG-2477","reference_id":"AVG-2477","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2477"},{"reference_url":"https://security.archlinux.org/AVG-2478","reference_id":"AVG-2478","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2478"},{"reference_url":"https://security.archlinux.org/AVG-2479","reference_id":"AVG-2479","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2479"},{"reference_url":"https://www.debian.org/security/2021/dsa-5000","reference_id":"dsa-5000","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/"}],"url":"https://www.debian.org/security/2021/dsa-5000"},{"reference_url":"https://www.debian.org/security/2021/dsa-5012","reference_id":"dsa-5012","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/"}],"url":"https://www.debian.org/security/2021/dsa-5012"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/"}],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/","reference_id":"GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/","reference_id":"GXTUWAWXVU37GRNIG4TPMA47THO6VAE6","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-18T17:53:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3884","reference_id":"RHSA-2021:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3885","reference_id":"RHSA-2021:3885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3886","reference_id":"RHSA-2021:3886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3887","reference_id":"RHSA-2021:3887","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3889","reference_id":"RHSA-2021:3889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3891","reference_id":"RHSA-2021:3891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3892","reference_id":"RHSA-2021:3892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3893","reference_id":"RHSA-2021:3893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3893"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3960","reference_id":"RHSA-2021:3960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3961","reference_id":"RHSA-2021:3961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3967","reference_id":"RHSA-2021:3967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3968","reference_id":"RHSA-2021:3968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4135","reference_id":"RHSA-2021:4135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4531","reference_id":"RHSA-2021:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4532","reference_id":"RHSA-2021:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5030","reference_id":"RHSA-2021:5030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0345","reference_id":"RHSA-2022:0345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0345"},{"reference_url":"https://usn.ubuntu.com/5202-1/","reference_id":"USN-5202-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5202-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933607?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933608?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.1%2B12-1%2Bdeb11u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.1%252B12-1%252Bdeb11u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2021-35578"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yxk8-59zb-y7g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31979?format=json","vulnerability_id":"VCID-z356-tw9t-q7bp","summary":"Multiple vulnerabilities have been discovered in OpenJDK, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21210.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21210","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34161","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34394","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34375","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34291","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34732","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34758","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34636","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34679","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34708","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34711","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34672","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34648","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34685","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34671","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34631","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21210"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21210"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696","reference_id":"1085696","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1085696"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318524","reference_id":"2318524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2318524"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u421:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://security.gentoo.org/glsa/202412-07","reference_id":"GLSA-202412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202412-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10926","reference_id":"RHSA-2024:10926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8116","reference_id":"RHSA-2024:8116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8117","reference_id":"RHSA-2024:8117","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8118","reference_id":"RHSA-2024:8118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8119","reference_id":"RHSA-2024:8119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8120","reference_id":"RHSA-2024:8120","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8120"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8121","reference_id":"RHSA-2024:8121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8122","reference_id":"RHSA-2024:8122","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8123","reference_id":"RHSA-2024:8123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8124","reference_id":"RHSA-2024:8124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8125","reference_id":"RHSA-2024:8125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8126","reference_id":"RHSA-2024:8126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8127","reference_id":"RHSA-2024:8127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8127"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8128","reference_id":"RHSA-2024:8128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8129","reference_id":"RHSA-2024:8129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8129"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"},{"reference_url":"https://usn.ubuntu.com/7099-1/","reference_id":"USN-7099-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7099-1/"},{"reference_url":"https://usn.ubuntu.com/7124-1/","reference_id":"USN-7124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7124-1/"},{"reference_url":"https://usn.ubuntu.com/7338-1/","reference_id":"USN-7338-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7338-1/"},{"reference_url":"https://usn.ubuntu.com/7339-1/","reference_id":"USN-7339-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7339-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933635?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933636?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933634?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.13%2B11-2~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.13%252B11-2~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21210"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z356-tw9t-q7bp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76843?format=json","vulnerability_id":"VCID-zdra-bzqn-4ug9","summary":"OpenJDK: integer overflow in C1 compiler address generation (8322122)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21068.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21068.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21068","reference_id":"","reference_type":"","scores":[{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67649","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67648","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67616","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.6765","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67641","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67661","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67671","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67673","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67576","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67597","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67575","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67627","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.6764","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0054","scoring_system":"epss","scoring_elements":"0.67663","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21094"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678","reference_id":"1069678","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069678"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275003","reference_id":"2275003","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275003"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:enterprise_performance:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-03T19:30:18Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1815","reference_id":"RHSA-2024:1815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1816","reference_id":"RHSA-2024:1816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1817","reference_id":"RHSA-2024:1817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1818","reference_id":"RHSA-2024:1818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1819","reference_id":"RHSA-2024:1819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1820","reference_id":"RHSA-2024:1820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1821","reference_id":"RHSA-2024:1821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1822","reference_id":"RHSA-2024:1822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1823","reference_id":"RHSA-2024:1823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1824","reference_id":"RHSA-2024:1824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1825","reference_id":"RHSA-2024:1825","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1826","reference_id":"RHSA-2024:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1827","reference_id":"RHSA-2024:1827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1828","reference_id":"RHSA-2024:1828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1828"},{"reference_url":"https://usn.ubuntu.com/6810-1/","reference_id":"USN-6810-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6810-1/"},{"reference_url":"https://usn.ubuntu.com/6811-1/","reference_id":"USN-6811-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6811-1/"},{"reference_url":"https://usn.ubuntu.com/6812-1/","reference_id":"USN-6812-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6812-1/"},{"reference_url":"https://usn.ubuntu.com/6813-1/","reference_id":"USN-6813-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6813-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933630?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933629?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933631?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.11%2B9-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.11%252B9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21068"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zdra-bzqn-4ug9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74707?format=json","vulnerability_id":"VCID-zgpr-3zft-zqgt","summary":"OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21140.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21140","reference_id":"","reference_type":"","scores":[{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68543","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68569","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68556","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68526","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68566","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68579","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68605","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.6861","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68479","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68498","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68475","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00568","scoring_system":"epss","scoring_elements":"0.68525","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69107","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69087","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297963","reference_id":"2297963","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297963"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2024.html","reference_id":"cpujul2024.html","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:27:50Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0008/","reference_id":"ntap-20240719-0008","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:27:50Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4560","reference_id":"RHSA-2024:4560","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4561","reference_id":"RHSA-2024:4561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4562","reference_id":"RHSA-2024:4562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4563","reference_id":"RHSA-2024:4563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4564","reference_id":"RHSA-2024:4564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4565","reference_id":"RHSA-2024:4565","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4565"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4566","reference_id":"RHSA-2024:4566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4567","reference_id":"RHSA-2024:4567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4568","reference_id":"RHSA-2024:4568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4569","reference_id":"RHSA-2024:4569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4570","reference_id":"RHSA-2024:4570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4571","reference_id":"RHSA-2024:4571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4572","reference_id":"RHSA-2024:4572","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4572"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4573","reference_id":"RHSA-2024:4573","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4573"},{"reference_url":"https://usn.ubuntu.com/6929-1/","reference_id":"USN-6929-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6929-1/"},{"reference_url":"https://usn.ubuntu.com/6930-1/","reference_id":"USN-6930-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6930-1/"},{"reference_url":"https://usn.ubuntu.com/6931-1/","reference_id":"USN-6931-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6931-1/"},{"reference_url":"https://usn.ubuntu.com/6932-1/","reference_id":"USN-6932-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6932-1/"},{"reference_url":"https://usn.ubuntu.com/7096-1/","reference_id":"USN-7096-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7096-1/"},{"reference_url":"https://usn.ubuntu.com/7097-1/","reference_id":"USN-7097-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7097-1/"},{"reference_url":"https://usn.ubuntu.com/7098-1/","reference_id":"USN-7098-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7098-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933633?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933632?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb12u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2024-21140"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgpr-3zft-zqgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79487?format=json","vulnerability_id":"VCID-zh9v-47ue-p7ep","summary":"OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21434.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21434","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.2849","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28643","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28713","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28823","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28972","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29161","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.2911","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28946","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28992","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29014","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.2899","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.2904","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29084","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29078","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.29036","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21426"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21496"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075836","reference_id":"2075836","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2075836"},{"reference_url":"https://security.archlinux.org/AVG-2686","reference_id":"AVG-2686","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2686"},{"reference_url":"https://security.archlinux.org/AVG-2687","reference_id":"AVG-2687","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2687"},{"reference_url":"https://security.archlinux.org/AVG-2688","reference_id":"AVG-2688","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2688"},{"reference_url":"https://security.archlinux.org/AVG-2689","reference_id":"AVG-2689","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2689"},{"reference_url":"https://www.debian.org/security/2022/dsa-5128","reference_id":"dsa-5128","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/"}],"url":"https://www.debian.org/security/2022/dsa-5128"},{"reference_url":"https://www.debian.org/security/2022/dsa-5131","reference_id":"dsa-5131","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/"}],"url":"https://www.debian.org/security/2022/dsa-5131"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220429-0006/","reference_id":"ntap-20220429-0006","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-02T19:51:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20220429-0006/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1435","reference_id":"RHSA-2022:1435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1436","reference_id":"RHSA-2022:1436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1437","reference_id":"RHSA-2022:1437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1438","reference_id":"RHSA-2022:1438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1439","reference_id":"RHSA-2022:1439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1440","reference_id":"RHSA-2022:1440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1441","reference_id":"RHSA-2022:1441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1441"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1442","reference_id":"RHSA-2022:1442","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1443","reference_id":"RHSA-2022:1443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1444","reference_id":"RHSA-2022:1444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1445","reference_id":"RHSA-2022:1445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1487","reference_id":"RHSA-2022:1487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1488","reference_id":"RHSA-2022:1488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1489","reference_id":"RHSA-2022:1489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1490","reference_id":"RHSA-2022:1490","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1491","reference_id":"RHSA-2022:1491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1492","reference_id":"RHSA-2022:1492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1728","reference_id":"RHSA-2022:1728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1729","reference_id":"RHSA-2022:1729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2137","reference_id":"RHSA-2022:2137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4957","reference_id":"RHSA-2022:4957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4959","reference_id":"RHSA-2022:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5837","reference_id":"RHSA-2022:5837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5837"},{"reference_url":"https://usn.ubuntu.com/5388-1/","reference_id":"USN-5388-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5388-1/"},{"reference_url":"https://usn.ubuntu.com/5388-2/","reference_id":"USN-5388-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5388-2/"},{"reference_url":"https://usn.ubuntu.com/5546-1/","reference_id":"USN-5546-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-1/"},{"reference_url":"https://usn.ubuntu.com/5546-2/","reference_id":"USN-5546-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5546-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933612?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933611?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.3%2B7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.3%252B7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21434"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zh9v-47ue-p7ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/353820?format=json","vulnerability_id":"VCID-zsun-4q6p-8fek","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 and 21.0.10; Oracle GraalVM Enterprise Edition: 21.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22013.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22013.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22013","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12084","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12118","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15882","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16002","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22013"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894","reference_id":"1134894","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134894"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460040","reference_id":"2460040","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460040"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2026.html","reference_id":"cpuapr2026.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:09:34Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2026.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11403","reference_id":"RHSA-2026:11403","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11403"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11655","reference_id":"RHSA-2026:11655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11822","reference_id":"RHSA-2026:11822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11829","reference_id":"RHSA-2026:11829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11902","reference_id":"RHSA-2026:11902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9254","reference_id":"RHSA-2026:9254","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9255","reference_id":"RHSA-2026:9255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9256","reference_id":"RHSA-2026:9256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9682","reference_id":"RHSA-2026:9682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9683","reference_id":"RHSA-2026:9683","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9683"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9684","reference_id":"RHSA-2026:9684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9685","reference_id":"RHSA-2026:9685","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9685"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9686","reference_id":"RHSA-2026:9686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9687","reference_id":"RHSA-2026:9687","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9687"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9688","reference_id":"RHSA-2026:9688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9689","reference_id":"RHSA-2026:9689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9690","reference_id":"RHSA-2026:9690","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9691","reference_id":"RHSA-2026:9691","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9691"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9693","reference_id":"RHSA-2026:9693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9694","reference_id":"RHSA-2026:9694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9694"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1103025?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1088715?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1~deb12u2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1~deb12u2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2026-22013"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zsun-4q6p-8fek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34353?format=json","vulnerability_id":"VCID-ztx2-xh6v-nke1","summary":"Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21277.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21277.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21277","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37445","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.3747","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75391","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75412","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.7539","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75378","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.7542","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75426","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75416","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.7545","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75455","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75459","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75467","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75338","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00882","scoring_system":"epss","scoring_elements":"0.75382","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21248"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21291"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21299"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21366"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041479","reference_id":"2041479","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2041479"},{"reference_url":"https://security.gentoo.org/glsa/202209-05","reference_id":"GLSA-202209-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0161","reference_id":"RHSA-2022:0161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0165","reference_id":"RHSA-2022:0165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0166","reference_id":"RHSA-2022:0166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0185","reference_id":"RHSA-2022:0185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0204","reference_id":"RHSA-2022:0204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0209","reference_id":"RHSA-2022:0209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0211","reference_id":"RHSA-2022:0211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0228","reference_id":"RHSA-2022:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0229","reference_id":"RHSA-2022:0229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0233","reference_id":"RHSA-2022:0233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0233"},{"reference_url":"https://usn.ubuntu.com/5313-1/","reference_id":"USN-5313-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5313-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933610?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1~deb11u1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933609?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.2%2B8-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.2%252B8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933604?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.12%2B7-2~deb11u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933602?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.17%2B10-1~deb12u1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1gha-995s-7qdg"},{"vulnerability":"VCID-57sd-8y93-qqhu"},{"vulnerability":"VCID-6r1k-8y1c-q7fm"},{"vulnerability":"VCID-jxgd-j4wr-tyb7"},{"vulnerability":"VCID-sz6r-65q1-q3bh"},{"vulnerability":"VCID-xte1-h9nn-4bbk"},{"vulnerability":"VCID-zsun-4q6p-8fek"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.17%252B10-1~deb12u1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/933605?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~6ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~6ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1062446?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1067592?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19~9ea-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19~9ea-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077466?format=json","purl":"pkg:deb/debian/openjdk-17@17.0.19%2B10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.19%252B10-1%3Fdistro=sid"}],"aliases":["CVE-2022-21277"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ztx2-xh6v-nke1"}],"risk_score":"3.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjdk-17@17.0.12%252B7-2~deb11u1%3Fdistro=sid"}