Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-3b1m-995s-r7a8
Vulnerability ID VCID-3b1m-995s-r7a8
Aliases CVE-2021-2369
Summary Multiple vulnerabilities have been found in OpenJDK, the worst of which could result in denial of service.
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-347 Improper Verification of Cryptographic Signature
System Score Found at
cvssv3 4.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2369.json
epss 0.0034 https://api.first.org/data/v1/epss?cve=CVE-2021-2369
epss 0.0034 https://api.first.org/data/v1/epss?cve=CVE-2021-2369
epss 0.0034 https://api.first.org/data/v1/epss?cve=CVE-2021-2369
epss 0.0034 https://api.first.org/data/v1/epss?cve=CVE-2021-2369
epss 0.0034 https://api.first.org/data/v1/epss?cve=CVE-2021-2369
epss 0.0034 https://api.first.org/data/v1/epss?cve=CVE-2021-2369
epss 0.0034 https://api.first.org/data/v1/epss?cve=CVE-2021-2369
epss 0.0034 https://api.first.org/data/v1/epss?cve=CVE-2021-2369
epss 0.0034 https://api.first.org/data/v1/epss?cve=CVE-2021-2369
cvssv3.1 4.3 https://bugzilla.redhat.com/show_bug.cgi?id=1982879
ssvc Track https://bugzilla.redhat.com/show_bug.cgi?id=1982879
cvssv3.1 4.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 4.3 https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html
ssvc Track https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html
archlinux High https://security.archlinux.org/AVG-2188
archlinux High https://security.archlinux.org/AVG-2189
archlinux High https://security.archlinux.org/AVG-2190
cvssv3.1 4.3 https://security.gentoo.org/glsa/202209-05
ssvc Track https://security.gentoo.org/glsa/202209-05
cvssv3.1 4.3 https://security.netapp.com/advisory/ntap-20210723-0002/
ssvc Track https://security.netapp.com/advisory/ntap-20210723-0002/
cvssv3.1 4.3 https://www.debian.org/security/2021/dsa-4946
ssvc Track https://www.debian.org/security/2021/dsa-4946
cvssv3.1 4.3 https://www.oracle.com/security-alerts/cpujul2021.html
ssvc Track https://www.oracle.com/security-alerts/cpujul2021.html
cvssv3.1 4.3 https://www.oracle.com/security-alerts/cpuoct2021.html
ssvc Track https://www.oracle.com/security-alerts/cpuoct2021.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2369.json
https://api.first.org/data/v1/epss?cve=CVE-2021-2369
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2341
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2369
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2388
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1982879 https://bugzilla.redhat.com/show_bug.cgi?id=1982879
ASA-202107-53 https://security.archlinux.org/ASA-202107-53
ASA-202107-54 https://security.archlinux.org/ASA-202107-54
ASA-202107-65 https://security.archlinux.org/ASA-202107-65
ASA-202107-66 https://security.archlinux.org/ASA-202107-66
AVG-2188 https://security.archlinux.org/AVG-2188
AVG-2189 https://security.archlinux.org/AVG-2189
AVG-2190 https://security.archlinux.org/AVG-2190
dsa-4946 https://www.debian.org/security/2021/dsa-4946
GLSA-202209-05 https://security.gentoo.org/glsa/202209-05
GLSA-202409-26 https://security.gentoo.org/glsa/202409-26
msg00011.html https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html
ntap-20210723-0002 https://security.netapp.com/advisory/ntap-20210723-0002/
RHSA-2021:2774 https://access.redhat.com/errata/RHSA-2021:2774
RHSA-2021:2775 https://access.redhat.com/errata/RHSA-2021:2775
RHSA-2021:2776 https://access.redhat.com/errata/RHSA-2021:2776
RHSA-2021:2777 https://access.redhat.com/errata/RHSA-2021:2777
RHSA-2021:2778 https://access.redhat.com/errata/RHSA-2021:2778
RHSA-2021:2779 https://access.redhat.com/errata/RHSA-2021:2779
RHSA-2021:2780 https://access.redhat.com/errata/RHSA-2021:2780
RHSA-2021:2781 https://access.redhat.com/errata/RHSA-2021:2781
RHSA-2021:2782 https://access.redhat.com/errata/RHSA-2021:2782
RHSA-2021:2783 https://access.redhat.com/errata/RHSA-2021:2783
RHSA-2021:2784 https://access.redhat.com/errata/RHSA-2021:2784
RHSA-2021:2845 https://access.redhat.com/errata/RHSA-2021:2845
RHSA-2021:3292 https://access.redhat.com/errata/RHSA-2021:3292
RHSA-2021:3293 https://access.redhat.com/errata/RHSA-2021:3293
RHSA-2021:4089 https://access.redhat.com/errata/RHSA-2021:4089
USN-5202-1 https://usn.ubuntu.com/5202-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-2369.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=1982879
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=1982879
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/ Found at https://lists.debian.org/debian-lts-announce/2021/08/msg00011.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://security.gentoo.org/glsa/202209-05
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/ Found at https://security.gentoo.org/glsa/202209-05
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://security.netapp.com/advisory/ntap-20210723-0002/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/ Found at https://security.netapp.com/advisory/ntap-20210723-0002/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://www.debian.org/security/2021/dsa-4946
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/ Found at https://www.debian.org/security/2021/dsa-4946
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://www.oracle.com/security-alerts/cpujul2021.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/ Found at https://www.oracle.com/security-alerts/cpujul2021.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Found at https://www.oracle.com/security-alerts/cpuoct2021.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T13:52:28Z/ Found at https://www.oracle.com/security-alerts/cpuoct2021.html
Exploit Prediction Scoring System (EPSS)
Percentile 0.56676
EPSS Score 0.0034
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:00:37.633023+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/202209-05 38.0.0