{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","type":"deb","namespace":"debian","name":"openjfx","version":"11.0.11+1-3","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"11.0.11+1-7","latest_non_vulnerable_version":"11.0.11+1-7","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50862?format=json","vulnerability_id":"VCID-26wp-rmjk-huc8","summary":"Multiple vulnerabilities have been found in Oracle's JRE and JDK\n    software suites allowing remote attackers to remotely execute arbitrary\n    code, obtain information, and cause Denial of Service.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3498.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3498.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3498","reference_id":"","reference_type":"","scores":[{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91967","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91951","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91956","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91959","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91955","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91975","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91972","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91968","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91973","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91971","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91916","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91924","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07768","scoring_system":"epss","scoring_elements":"0.91938","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3498"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.netapp.com/advisory/ntap-20160721-0001/","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"https://security.netapp.com/advisory/ntap-20160721-0001/"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"},{"reference_url":"http://www.securityfocus.com/bid/91787","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"http://www.securityfocus.com/bid/91787"},{"reference_url":"http://www.securityfocus.com/bid/91956","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"http://www.securityfocus.com/bid/91956"},{"reference_url":"http://www.securitytracker.com/id/1036365","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"http://www.securitytracker.com/id/1036365"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1358170","reference_id":"1358170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1358170"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832419","reference_id":"832419","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=832419"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update101:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.7.0:update101:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update101:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update92:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.8.0:update92:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update92:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update101:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.7.0:update101:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update101:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update92:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.8.0:update92:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update92:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3498","reference_id":"CVE-2016-3498","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3498"},{"reference_url":"https://security.gentoo.org/glsa/201610-08","reference_id":"GLSA-201610-08","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"https://security.gentoo.org/glsa/201610-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1475","reference_id":"RHSA-2016:1475","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2016:1475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1476","reference_id":"RHSA-2016:1476","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-11T20:11:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2016:1476"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933723?format=json","purl":"pkg:deb/debian/openjfx@8u102-b14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@8u102-b14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2016-3498"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-26wp-rmjk-huc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15413?format=json","vulnerability_id":"VCID-29d8-nuyz-yua9","summary":"Vulnerability affecting the org.openjfx:javafx-media maven component of the OpenJFX project\nVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and  21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20925","reference_id":"","reference_type":"","scores":[{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44379","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44393","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44402","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44346","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44348","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44347","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44368","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44305","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44357","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44362","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46877","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46926","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.46915","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00238","scoring_system":"epss","scoring_elements":"0.4693","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20925"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/openjdk/jfx","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openjdk/jfx"},{"reference_url":"https://github.com/openjdk/jfx17u/commit/18206453163dec04f36f8787ce73624bb9ba6a7d","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openjdk/jfx17u/commit/18206453163dec04f36f8787ce73624bb9ba6a7d"},{"reference_url":"https://github.com/openjdk/jfx21u/commit/0c00753da13ed696b1a5025ce01ff478ee7ebd0a","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openjdk/jfx21u/commit/0c00753da13ed696b1a5025ce01ff478ee7ebd0a"},{"reference_url":"https://github.com/openjdk/jfx/blob/4beeb89f864ccf1424db36c9739a7f6999adeecc/doc-files/release-notes-22.md?plain=1#L122","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openjdk/jfx/blob/4beeb89f864ccf1424db36c9739a7f6999adeecc/doc-files/release-notes-22.md?plain=1#L122"},{"reference_url":"https://github.com/openjdk/jfx/commit/0a52a4cf1d1226e7a3c6d73313fde02e7f36fb11","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openjdk/jfx/commit/0a52a4cf1d1226e7a3c6d73313fde02e7f36fb11"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-20925","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-20925"},{"reference_url":"https://openjdk.org/groups/vulnerability/advisories/2024-01-16","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://openjdk.org/groups/vulnerability/advisories/2024-01-16"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2024.html","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-23T19:35:19Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2024.html"},{"reference_url":"https://github.com/advisories/GHSA-47g3-mf24-6559","reference_id":"GHSA-47g3-mf24-6559","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-47g3-mf24-6559"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933727?format=json","purl":"pkg:deb/debian/openjfx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2024-20925","GHSA-47g3-mf24-6559"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29d8-nuyz-yua9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34415?format=json","vulnerability_id":"VCID-2znn-4qpa-6kbm","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14664.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14664.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14664","reference_id":"","reference_type":"","scores":[{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77658","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77665","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77805","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77707","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77734","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77718","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77717","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77754","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77753","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77747","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.7778","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77789","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77692","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01068","scoring_system":"epss","scoring_elements":"0.77703","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14664"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14664","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14664"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866027","reference_id":"1866027","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1866027"},{"reference_url":"https://security.gentoo.org/glsa/202209-15","reference_id":"GLSA-202209-15","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:50Z/"}],"url":"https://security.gentoo.org/glsa/202209-15"},{"reference_url":"https://security.gentoo.org/glsa/202409-26","reference_id":"GLSA-202409-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-26"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200717-0005/","reference_id":"ntap-20200717-0005","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:50Z/"}],"url":"https://security.netapp.com/advisory/ntap-20200717-0005/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-20-897/","reference_id":"ZDI-20-897","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:50Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-897/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933726?format=json","purl":"pkg:deb/debian/openjfx@11%2B26-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11%252B26-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2020-14664"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2znn-4qpa-6kbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/226422?format=json","vulnerability_id":"VCID-486u-xhmt-cbdt","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and  21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21005","reference_id":"","reference_type":"","scores":[{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36066","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36443","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36483","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36409","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36183","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36153","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.3655","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36583","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36422","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36473","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36494","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36501","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36466","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21005"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T18:06:59Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-17T18:06:59Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933727?format=json","purl":"pkg:deb/debian/openjfx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2024-21005"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-486u-xhmt-cbdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31616?format=json","vulnerability_id":"VCID-4m47-kkyx-dyet","summary":"Multiple vulnerabilities have been found in Oracle's JRE and JDK\n    software suites, and IcedTea, the worst of which may allow execution of\n    arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10086.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10086.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10086","reference_id":"","reference_type":"","scores":[{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.6932","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69305","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69312","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78277","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78272","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78223","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78215","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78296","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.783","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78303","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78254","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78236","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78263","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78268","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01124","scoring_system":"epss","scoring_elements":"0.78294","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10086"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10086","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10086"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10114"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1038931","reference_id":"1038931","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:48Z/"}],"url":"http://www.securitytracker.com/id/1038931"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472657","reference_id":"1472657","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472657"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870860","reference_id":"870860","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870860"},{"reference_url":"http://www.securityfocus.com/bid/99662","reference_id":"99662","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:48Z/"}],"url":"http://www.securityfocus.com/bid/99662"},{"reference_url":"http://www.debian.org/security/2017/dsa-4005","reference_id":"dsa-4005","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:48Z/"}],"url":"http://www.debian.org/security/2017/dsa-4005"},{"reference_url":"https://security.gentoo.org/glsa/201709-22","reference_id":"GLSA-201709-22","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:48Z/"}],"url":"https://security.gentoo.org/glsa/201709-22"},{"reference_url":"https://security.netapp.com/advisory/ntap-20170720-0001/","reference_id":"ntap-20170720-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:48Z/"}],"url":"https://security.netapp.com/advisory/ntap-20170720-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1790","reference_id":"RHSA-2017:1790","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:48Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1791","reference_id":"RHSA-2017:1791","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:48Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1791"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933724?format=json","purl":"pkg:deb/debian/openjfx@8u141-b14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@8u141-b14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2017-10086"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4m47-kkyx-dyet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43628?format=json","vulnerability_id":"VCID-5bfn-1ajw-cqdr","summary":"Multiple vulnerabilities have been found in Oracle's JDK and JRE\n    software suites, the worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2581.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2581.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2581","reference_id":"","reference_type":"","scores":[{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65705","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65563","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65611","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65683","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65696","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.6568","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65695","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65706","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65641","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65607","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65658","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65671","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65691","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65677","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00492","scoring_system":"epss","scoring_elements":"0.65648","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2581"},{"reference_url":"http://www.securityfocus.com/bid/102636","reference_id":"102636","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"http://www.securityfocus.com/bid/102636"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535354","reference_id":"1535354","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535354"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888530","reference_id":"888530","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888530"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933725?format=json","purl":"pkg:deb/debian/openjfx@8u161-b12-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@8u161-b12-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2018-2581"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bfn-1ajw-cqdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34757?format=json","vulnerability_id":"VCID-6and-3vws-p3hu","summary":"Multiple vulnerabilities have been found in Oracle's JRE and JDK\n    software suites allowing remote attackers to remotely execute arbitrary\n    code, obtain information, and cause Denial of Service.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1926.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1926.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4906.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4906.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4906","reference_id":"","reference_type":"","scores":[{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56907","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56853","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56948","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56969","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56945","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56996","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56999","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57007","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56986","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56963","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56992","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56989","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56966","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56905","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56923","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4906"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4906","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4906"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"},{"reference_url":"http://www.securityfocus.com/bid/77214","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/77214"},{"reference_url":"http://www.securitytracker.com/id/1033884","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1033884"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1273861","reference_id":"1273861","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1273861"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823622","reference_id":"823622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823622"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:javafx:2.2.85:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:javafx:2.2.85:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:javafx:2.2.85:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-4906","reference_id":"CVE-2015-4906","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-4906"},{"reference_url":"https://security.gentoo.org/glsa/201603-11","reference_id":"GLSA-201603-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1926","reference_id":"RHSA-2015:1926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1926"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933720?format=json","purl":"pkg:deb/debian/openjfx@8u91-b14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@8u91-b14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2015-4906"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6and-3vws-p3hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/226333?format=json","vulnerability_id":"VCID-8b85-sby2-ebhb","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and  21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 2.5 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21002","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16222","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16283","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15989","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16088","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16103","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16142","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16032","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1603","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16128","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16213","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16279","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16261","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16221","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16153","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21002"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:53:46Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:53:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933727?format=json","purl":"pkg:deb/debian/openjfx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2024-21002"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8b85-sby2-ebhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78278?format=json","vulnerability_id":"VCID-a91k-9kv3-yfb9","summary":"JavaFX: unauthorized creation, deletion or modification access to critical data via multiple protocols","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22043.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22043.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22043","reference_id":"","reference_type":"","scores":[{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48187","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48155","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48267","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48262","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48218","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48199","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48209","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48206","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48158","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48211","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48205","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48229","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48204","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48216","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22043"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2224658","reference_id":"2224658","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2224658"},{"reference_url":"https://www.oracle.com/security-alerts/cpujul2023.html","reference_id":"cpujul2023.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:03Z/"}],"url":"https://www.oracle.com/security-alerts/cpujul2023.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230725-0006/","reference_id":"ntap-20230725-0006","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:03Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230725-0006/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933726?format=json","purl":"pkg:deb/debian/openjfx@11%2B26-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11%252B26-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2023-22043"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a91k-9kv3-yfb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34754?format=json","vulnerability_id":"VCID-d9gp-4hm3-h7dc","summary":"Multiple vulnerabilities have been found in Oracle's JRE and JDK\n    software suites allowing remote attackers to remotely execute arbitrary\n    code, obtain information, and cause Denial of Service.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1926.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1926.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4901.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4901.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4901","reference_id":"","reference_type":"","scores":[{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.755","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75365","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75368","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75401","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.7538","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75423","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75433","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75453","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75431","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.7542","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75461","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75467","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75456","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75491","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00884","scoring_system":"epss","scoring_elements":"0.75496","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4901"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"},{"reference_url":"http://www.securityfocus.com/bid/77226","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/77226"},{"reference_url":"http://www.securitytracker.com/id/1033884","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1033884"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1273856","reference_id":"1273856","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1273856"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823622","reference_id":"823622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823622"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-4901","reference_id":"CVE-2015-4901","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-4901"},{"reference_url":"https://security.gentoo.org/glsa/201603-11","reference_id":"GLSA-201603-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1926","reference_id":"RHSA-2015:1926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1926"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933720?format=json","purl":"pkg:deb/debian/openjfx@8u91-b14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@8u91-b14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2015-4901"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d9gp-4hm3-h7dc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/241874?format=json","vulnerability_id":"VCID-fqn2-qdd1-3fhg","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and  21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20923","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57609","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57653","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.5761","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.5763","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57619","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.5764","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57616","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.5767","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57675","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57689","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57668","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57648","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57678","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57674","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20923"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933727?format=json","purl":"pkg:deb/debian/openjfx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2024-20923"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fqn2-qdd1-3fhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/227034?format=json","vulnerability_id":"VCID-h2gf-sn1q-6bac","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and  21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 2.5 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21004","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13118","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13159","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13158","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13245","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1325","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13222","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13326","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1339","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13238","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1332","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13372","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1334","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13303","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13253","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21004"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T16:11:37Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T16:11:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933727?format=json","purl":"pkg:deb/debian/openjfx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2024-21004"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h2gf-sn1q-6bac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83283?format=json","vulnerability_id":"VCID-jvtu-gg6n-hyce","summary":"JDK: unspecified vulnerability fixed in 7u191, 8u181, and 10.0.2 (JavaFX)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2941.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2941.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2941","reference_id":"","reference_type":"","scores":[{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79629","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79494","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.795","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79551","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79543","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79572","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79571","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79576","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79607","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79613","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79524","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.7951","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79538","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79546","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01275","scoring_system":"epss","scoring_elements":"0.79568","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2941"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2941","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2941"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180726-0001/","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:44Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180726-0001/"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:44Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"reference_url":"http://www.securityfocus.com/bid/104775","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:44Z/"}],"url":"http://www.securityfocus.com/bid/104775"},{"reference_url":"http://www.securitytracker.com/id/1041302","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:44Z/"}],"url":"http://www.securitytracker.com/id/1041302"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602143","reference_id":"1602143","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602143"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905215","reference_id":"905215","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905215"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","reference_id":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*","reference_id":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*","reference_id":"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*","reference_id":"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*","reference_id":"cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_replication_adapter_for_clustered_data_ontap:*:*:*:*:*:vmware_vsphere:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:vasa_provider_for_clustered_data_ontap:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*","reference_id":"cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:virtual_storage_console:*:*:*:*:*:vmware_vsphere:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:10.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:10.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:10.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update181:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.7.0:update181:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update181:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update172:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.8.0:update172:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update172:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:10.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:10.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:10.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update181:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.7.0:update181:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update181:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update172:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.8.0:update172:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update172:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-2941","reference_id":"CVE-2018-2941","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-2941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2253","reference_id":"RHSA-2018:2253","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:44Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2253"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2254","reference_id":"RHSA-2018:2254","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:44Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2254"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2255","reference_id":"RHSA-2018:2255","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:44Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2256","reference_id":"RHSA-2018:2256","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:44Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:2256"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933726?format=json","purl":"pkg:deb/debian/openjfx@11%2B26-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11%252B26-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2018-2941"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jvtu-gg6n-hyce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50796?format=json","vulnerability_id":"VCID-jw3n-w9gu-x3hg","summary":"Multiple vulnerabilities have been found in Oracle’s JDK and JRE\n    software suites.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3209.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-3209.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-3209","reference_id":"","reference_type":"","scores":[{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79344","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79214","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79221","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79273","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79261","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79284","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79286","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.7932","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79326","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79245","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.7923","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79256","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79263","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01242","scoring_system":"epss","scoring_elements":"0.79288","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-3209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3209","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3209"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/105590","reference_id":"105590","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:09Z/"}],"url":"http://www.securityfocus.com/bid/105590"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1639904","reference_id":"1639904","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1639904"},{"reference_url":"https://security.gentoo.org/glsa/201908-10","reference_id":"GLSA-201908-10","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:09Z/"}],"url":"https://security.gentoo.org/glsa/201908-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3002","reference_id":"RHSA-2018:3002","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3003","reference_id":"RHSA-2018:3003","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-02T18:16:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:3003"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933726?format=json","purl":"pkg:deb/debian/openjfx@11%2B26-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11%252B26-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2018-3209"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jw3n-w9gu-x3hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/226849?format=json","vulnerability_id":"VCID-mw4a-31ag-6udf","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and  21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21003","reference_id":"","reference_type":"","scores":[{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42461","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42638","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42698","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42684","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42621","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42545","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42637","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42665","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42605","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42657","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42668","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42655","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21003"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.13:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_id":"cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.9:*:*:*:enterprise:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u401:*:*:*:*:*:*:*"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2024.html","reference_id":"cpuapr2024.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:05:54Z/"}],"url":"https://www.oracle.com/security-alerts/cpuapr2024.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240426-0004/","reference_id":"ntap-20240426-0004","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:05:54Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240426-0004/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933727?format=json","purl":"pkg:deb/debian/openjfx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2024-21003"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mw4a-31ag-6udf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34760?format=json","vulnerability_id":"VCID-tet1-snjs-tbfb","summary":"Multiple vulnerabilities have been found in Oracle's JRE and JDK\n    software suites allowing remote attackers to remotely execute arbitrary\n    code, obtain information, and cause Denial of Service.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1926.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1926.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4916.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4916.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4916","reference_id":"","reference_type":"","scores":[{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56907","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56853","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56948","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56969","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56945","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56996","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56999","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57007","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56986","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56963","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56992","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56989","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56966","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56905","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.56923","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4916"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4916","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4916"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"},{"reference_url":"http://www.securityfocus.com/bid/77221","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/77221"},{"reference_url":"http://www.securitytracker.com/id/1033884","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1033884"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1273862","reference_id":"1273862","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1273862"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823622","reference_id":"823622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823622"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:javafx:2.2.85:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:javafx:2.2.85:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:javafx:2.2.85:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-4916","reference_id":"CVE-2015-4916","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-4916"},{"reference_url":"https://security.gentoo.org/glsa/201603-11","reference_id":"GLSA-201603-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1926","reference_id":"RHSA-2015:1926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1926"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933720?format=json","purl":"pkg:deb/debian/openjfx@8u91-b14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@8u91-b14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2015-4916"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tet1-snjs-tbfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31630?format=json","vulnerability_id":"VCID-ts2n-qwjz-nfec","summary":"Multiple vulnerabilities have been found in Oracle's JRE and JDK\n    software suites, and IcedTea, the worst of which may allow execution of\n    arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10114.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10114.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10114","reference_id":"","reference_type":"","scores":[{"value":"0.00925","scoring_system":"epss","scoring_elements":"0.76096","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00925","scoring_system":"epss","scoring_elements":"0.76075","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00925","scoring_system":"epss","scoring_elements":"0.76085","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01749","scoring_system":"epss","scoring_elements":"0.82557","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01749","scoring_system":"epss","scoring_elements":"0.82491","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01749","scoring_system":"epss","scoring_elements":"0.82477","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01749","scoring_system":"epss","scoring_elements":"0.82588","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01749","scoring_system":"epss","scoring_elements":"0.82584","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01749","scoring_system":"epss","scoring_elements":"0.82548","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01749","scoring_system":"epss","scoring_elements":"0.82553","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01749","scoring_system":"epss","scoring_elements":"0.82509","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01749","scoring_system":"epss","scoring_elements":"0.82505","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01749","scoring_system":"epss","scoring_elements":"0.82532","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01749","scoring_system":"epss","scoring_elements":"0.82539","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10086","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10086"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10114"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:C/I:C/A:C"},{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1038931","reference_id":"1038931","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:27Z/"}],"url":"http://www.securitytracker.com/id/1038931"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472662","reference_id":"1472662","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472662"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870860","reference_id":"870860","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870860"},{"reference_url":"http://www.securityfocus.com/bid/99726","reference_id":"99726","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:27Z/"}],"url":"http://www.securityfocus.com/bid/99726"},{"reference_url":"http://www.debian.org/security/2017/dsa-4005","reference_id":"dsa-4005","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:27Z/"}],"url":"http://www.debian.org/security/2017/dsa-4005"},{"reference_url":"https://security.gentoo.org/glsa/201709-22","reference_id":"GLSA-201709-22","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:27Z/"}],"url":"https://security.gentoo.org/glsa/201709-22"},{"reference_url":"https://security.netapp.com/advisory/ntap-20170720-0001/","reference_id":"ntap-20170720-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:27Z/"}],"url":"https://security.netapp.com/advisory/ntap-20170720-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1790","reference_id":"RHSA-2017:1790","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:27Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1790"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1791","reference_id":"RHSA-2017:1791","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:27Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1791"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933724?format=json","purl":"pkg:deb/debian/openjfx@8u141-b14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@8u141-b14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2017-10114"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ts2n-qwjz-nfec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34759?format=json","vulnerability_id":"VCID-u4vm-t9jm-2yfv","summary":"Multiple vulnerabilities have been found in Oracle's JRE and JDK\n    software suites allowing remote attackers to remotely execute arbitrary\n    code, obtain information, and cause Denial of Service.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1926.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1926.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4908.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4908.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4908","reference_id":"","reference_type":"","scores":[{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60358","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60217","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60293","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60318","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60286","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60336","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60352","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60373","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60359","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60341","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60382","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.6039","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60379","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60355","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.6037","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4908"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"},{"reference_url":"http://www.securityfocus.com/bid/77223","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/77223"},{"reference_url":"http://www.securitytracker.com/id/1033884","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1033884"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1273863","reference_id":"1273863","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1273863"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823622","reference_id":"823622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823622"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:javafx:2.2.85:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:javafx:2.2.85:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:javafx:2.2.85:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-4908","reference_id":"CVE-2015-4908","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-4908"},{"reference_url":"https://security.gentoo.org/glsa/201603-11","reference_id":"GLSA-201603-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1926","reference_id":"RHSA-2015:1926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1926"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933720?format=json","purl":"pkg:deb/debian/openjfx@8u91-b14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@8u91-b14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2015-4908"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u4vm-t9jm-2yfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267344?format=json","vulnerability_id":"VCID-vb15-km37-3ud9","summary":"Vulnerability in Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u471-b50. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21947","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11021","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11224","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11194","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11129","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11084","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11287","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11182","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11239","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11248","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11216","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11054","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11062","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-21947"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.oracle.com/security-alerts/cpujan2026.html","reference_id":"cpujan2026.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:08:23Z/"}],"url":"https://www.oracle.com/security-alerts/cpujan2026.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933727?format=json","purl":"pkg:deb/debian/openjfx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2026-21947"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vb15-km37-3ud9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/241372?format=json","vulnerability_id":"VCID-wcrz-y3gd-bueb","summary":"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).  Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and  21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 2.5 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20922","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17284","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17427","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17462","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17374","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17351","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17644","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.1769","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17409","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17501","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17562","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17575","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17528","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17475","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17417","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20922"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240201-0002/","reference_id":"ntap-20240201-0002","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T15:54:33Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240201-0002/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933727?format=json","purl":"pkg:deb/debian/openjfx@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2024-20922"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wcrz-y3gd-bueb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45881?format=json","vulnerability_id":"VCID-yptm-3aag-fqbj","summary":"Multiple vulnerabilities have been found in OpenJDK and IcedTea,\n    the worst of which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2585.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2585.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-2585","reference_id":"","reference_type":"","scores":[{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.78913","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.78919","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.79037","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.7893","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.78955","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.78961","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.78984","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.78969","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.78959","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.78988","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.79014","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.79021","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01206","scoring_system":"epss","scoring_elements":"0.78947","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-2585"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2585","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2585"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1807936","reference_id":"1807936","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1807936"},{"reference_url":"https://security.gentoo.org/glsa/202006-22","reference_id":"GLSA-202006-22","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:04:50Z/"}],"url":"https://security.gentoo.org/glsa/202006-22"},{"reference_url":"https://security.gentoo.org/glsa/202209-15","reference_id":"GLSA-202209-15","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:04:50Z/"}],"url":"https://security.gentoo.org/glsa/202209-15"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933726?format=json","purl":"pkg:deb/debian/openjfx@11%2B26-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11%252B26-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933721?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933719?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933722?format=json","purl":"pkg:deb/debian/openjfx@11.0.11%2B1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-7%3Fdistro=trixie"}],"aliases":["CVE-2020-2585"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yptm-3aag-fqbj"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjfx@11.0.11%252B1-3%3Fdistro=trixie"}