Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-76rb-sg3r-bqce
Vulnerability ID VCID-76rb-sg3r-bqce
Aliases CVE-2024-21131
Summary OpenJDK: potential UTF8 size overflow (8314794)
Status Published
Exploitability 0.5
Weighted Severity 3.3
Risk 1.6
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3 3.7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json
epss 0.00442 https://api.first.org/data/v1/epss?cve=CVE-2024-21131
epss 0.00442 https://api.first.org/data/v1/epss?cve=CVE-2024-21131
epss 0.00442 https://api.first.org/data/v1/epss?cve=CVE-2024-21131
epss 0.00442 https://api.first.org/data/v1/epss?cve=CVE-2024-21131
epss 0.00442 https://api.first.org/data/v1/epss?cve=CVE-2024-21131
epss 0.00442 https://api.first.org/data/v1/epss?cve=CVE-2024-21131
epss 0.00442 https://api.first.org/data/v1/epss?cve=CVE-2024-21131
epss 0.00442 https://api.first.org/data/v1/epss?cve=CVE-2024-21131
cvssv3.1 3.7 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 3.7 https://security.netapp.com/advisory/ntap-20240719-0008/
ssvc Track https://security.netapp.com/advisory/ntap-20240719-0008/
cvssv3.1 3.7 https://www.oracle.com/security-alerts/cpujul2024.html
ssvc Track https://www.oracle.com/security-alerts/cpujul2024.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json
https://api.first.org/data/v1/epss?cve=CVE-2024-21131
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2297961 https://bugzilla.redhat.com/show_bug.cgi?id=2297961
cpujul2024.html https://www.oracle.com/security-alerts/cpujul2024.html
ntap-20240719-0008 https://security.netapp.com/advisory/ntap-20240719-0008/
RHSA-2024:4560 https://access.redhat.com/errata/RHSA-2024:4560
RHSA-2024:4561 https://access.redhat.com/errata/RHSA-2024:4561
RHSA-2024:4562 https://access.redhat.com/errata/RHSA-2024:4562
RHSA-2024:4563 https://access.redhat.com/errata/RHSA-2024:4563
RHSA-2024:4564 https://access.redhat.com/errata/RHSA-2024:4564
RHSA-2024:4565 https://access.redhat.com/errata/RHSA-2024:4565
RHSA-2024:4566 https://access.redhat.com/errata/RHSA-2024:4566
RHSA-2024:4567 https://access.redhat.com/errata/RHSA-2024:4567
RHSA-2024:4568 https://access.redhat.com/errata/RHSA-2024:4568
RHSA-2024:4569 https://access.redhat.com/errata/RHSA-2024:4569
RHSA-2024:4570 https://access.redhat.com/errata/RHSA-2024:4570
RHSA-2024:4571 https://access.redhat.com/errata/RHSA-2024:4571
RHSA-2024:4572 https://access.redhat.com/errata/RHSA-2024:4572
RHSA-2024:4573 https://access.redhat.com/errata/RHSA-2024:4573
USN-6929-1 https://usn.ubuntu.com/6929-1/
USN-6930-1 https://usn.ubuntu.com/6930-1/
USN-6931-1 https://usn.ubuntu.com/6931-1/
USN-6932-1 https://usn.ubuntu.com/6932-1/
USN-7096-1 https://usn.ubuntu.com/7096-1/
USN-7097-1 https://usn.ubuntu.com/7097-1/
USN-7098-1 https://usn.ubuntu.com/7098-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://security.netapp.com/advisory/ntap-20240719-0008/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:16Z/ Found at https://security.netapp.com/advisory/ntap-20240719-0008/
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://www.oracle.com/security-alerts/cpujul2024.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T13:34:16Z/ Found at https://www.oracle.com/security-alerts/cpujul2024.html
Exploit Prediction Scoring System (EPSS)
Percentile 0.63258
EPSS Score 0.00442
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:46:10.464812+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21131.json 38.0.0