{"url":"http://public2.vulnerablecode.io/api/packages/95693?format=json","purl":"pkg:rpm/redhat/java-1.8.0-ibm@1:1.8.0.8.5-1?arch=el8_8","type":"rpm","namespace":"redhat","name":"java-1.8.0-ibm","version":"1:1.8.0.8.5-1","qualifiers":{"arch":"el8_8"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78232?format=json","vulnerability_id":"VCID-2kgp-whsb-d3hr","summary":"JDK: unsafe deserialization flaw in the Object Request Broker (ORB)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40609.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40609.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40609","reference_id":"","reference_type":"","scores":[{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.67794","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.67832","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.67793","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.67844","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.67858","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.67882","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.67868","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00546","scoring_system":"epss","scoring_elements":"0.67814","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40609"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2228078","reference_id":"2228078","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2228078"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/236069","reference_id":"236069","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-17T18:51:14Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/236069"},{"reference_url":"https://www.ibm.com/support/pages/node/7017032","reference_id":"7017032","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-17T18:51:14Z/"}],"url":"https://www.ibm.com/support/pages/node/7017032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"}],"fixed_packages":[],"aliases":["CVE-2022-40609"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2kgp-whsb-d3hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78480?format=json","vulnerability_id":"VCID-8wud-7t2q-xfa3","summary":"OpenJDK: missing check for slash characters in URI-to-path conversion (8298667)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21968.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21968","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23735","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23693","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25179","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25193","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.2515","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25098","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25064","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25134","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187802","reference_id":"2187802","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[],"aliases":["CVE-2023-21968"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wud-7t2q-xfa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78477?format=json","vulnerability_id":"VCID-9uzg-sja9-hkcy","summary":"OpenJDK: Swing HTML parsing issue (8296832)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21939.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21939","reference_id":"","reference_type":"","scores":[{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83001","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83048","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83014","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83012","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83044","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83059","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01861","scoring_system":"epss","scoring_elements":"0.83053","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187724","reference_id":"2187724","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187724"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T19:26:29Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[],"aliases":["CVE-2023-21939"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9uzg-sja9-hkcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78479?format=json","vulnerability_id":"VCID-dwh6-xw5k-mqg8","summary":"OpenJDK: missing string checks for NULL characters (8296622)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21937.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21937","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25149","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24993","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25188","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25073","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25087","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25047","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187790","reference_id":"2187790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187790"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:57Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[],"aliases":["CVE-2023-21937"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dwh6-xw5k-mqg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78474?format=json","vulnerability_id":"VCID-kq78-adbv-67a7","summary":"OpenJDK: improper connection handling during TLS handshake (8294474)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21930.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21930","reference_id":"","reference_type":"","scores":[{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36214","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36276","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36239","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36941","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36908","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36839","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36824","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00159","scoring_system":"epss","scoring_elements":"0.36774","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187435","reference_id":"2187435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187435"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-22T19:44:31Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[],"aliases":["CVE-2023-21930"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kq78-adbv-67a7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78478?format=json","vulnerability_id":"VCID-q5gr-6u92-6ybk","summary":"OpenJDK: incorrect handling of NULL characters in ProcessBuilder (8295304)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21938","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25149","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24993","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25188","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2496","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25029","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25073","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25087","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25047","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187758","reference_id":"2187758","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187758"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-16T14:39:35Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[],"aliases":["CVE-2023-21938"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q5gr-6u92-6ybk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78476?format=json","vulnerability_id":"VCID-xk2v-7cgk-13ex","summary":"OpenJDK: certificate validation issue in TLS session negotiation (8298310)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-21967.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21967","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2175","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21607","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21556","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21633","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21691","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21702","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21664","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21939"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22036"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22049"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957","reference_id":"1035957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035957"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280","reference_id":"1036280","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187704","reference_id":"2187704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187704"},{"reference_url":"https://www.debian.org/security/2023/dsa-5430","reference_id":"dsa-5430","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://www.debian.org/security/2023/dsa-5430"},{"reference_url":"https://www.debian.org/security/2023/dsa-5478","reference_id":"dsa-5478","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://www.debian.org/security/2023/dsa-5478"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230427-0008/","reference_id":"ntap-20230427-0008","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:32Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230427-0008/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1875","reference_id":"RHSA-2023:1875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1877","reference_id":"RHSA-2023:1877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1878","reference_id":"RHSA-2023:1878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1879","reference_id":"RHSA-2023:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1880","reference_id":"RHSA-2023:1880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1882","reference_id":"RHSA-2023:1882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1883","reference_id":"RHSA-2023:1883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1884","reference_id":"RHSA-2023:1884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1885","reference_id":"RHSA-2023:1885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1889","reference_id":"RHSA-2023:1889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1890","reference_id":"RHSA-2023:1890","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1890"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1891","reference_id":"RHSA-2023:1891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1892","reference_id":"RHSA-2023:1892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1895","reference_id":"RHSA-2023:1895","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1895"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1898","reference_id":"RHSA-2023:1898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1899","reference_id":"RHSA-2023:1899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1900","reference_id":"RHSA-2023:1900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1903","reference_id":"RHSA-2023:1903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1904","reference_id":"RHSA-2023:1904","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1904"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1905","reference_id":"RHSA-2023:1905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1906","reference_id":"RHSA-2023:1906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1907","reference_id":"RHSA-2023:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1908","reference_id":"RHSA-2023:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1909","reference_id":"RHSA-2023:1909","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1910","reference_id":"RHSA-2023:1910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1911","reference_id":"RHSA-2023:1911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1912","reference_id":"RHSA-2023:1912","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1912"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4103","reference_id":"RHSA-2023:4103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4160","reference_id":"RHSA-2023:4160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4160"},{"reference_url":"https://usn.ubuntu.com/6077-1/","reference_id":"USN-6077-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6077-1/"}],"fixed_packages":[],"aliases":["CVE-2023-21967"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xk2v-7cgk-13ex"}],"fixing_vulnerabilities":[],"risk_score":"3.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-ibm@1:1.8.0.8.5-1%3Farch=el8_8"}