VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-re7t-zcdz-8qhc

Essentials
Severities (13)
References (19)
Severity details (8)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-re7t-zcdz-8qhc
Aliases	CVE-2023-22044
Summary	OpenJDK: modulo operator array indexing issue (8304460)
Status	Published
Exploitability	0.5
Weighted Severity	3.3
Risk	1.6
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-125

Out-of-bounds Read

System	Score	Found at
cvssv3	3.7	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22044.json
epss	0.0013	https://api.first.org/data/v1/epss?cve=CVE-2023-22044
epss	0.0013	https://api.first.org/data/v1/epss?cve=CVE-2023-22044
epss	0.0013	https://api.first.org/data/v1/epss?cve=CVE-2023-22044
epss	0.0013	https://api.first.org/data/v1/epss?cve=CVE-2023-22044
epss	0.0013	https://api.first.org/data/v1/epss?cve=CVE-2023-22044
cvssv3.1	3.7	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	3.7	https://security.netapp.com/advisory/ntap-20230725-0006/
ssvc	Track	https://security.netapp.com/advisory/ntap-20230725-0006/
cvssv3.1	3.7	https://www.debian.org/security/2023/dsa-5458
ssvc	Track	https://www.debian.org/security/2023/dsa-5458
cvssv3.1	3.7	https://www.oracle.com/security-alerts/cpujul2023.html
ssvc	Track	https://www.oracle.com/security-alerts/cpujul2023.html

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22044.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-22044
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22044
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2221642		https://bugzilla.redhat.com/show_bug.cgi?id=2221642
cpujul2023.html		https://www.oracle.com/security-alerts/cpujul2023.html
dsa-5458		https://www.debian.org/security/2023/dsa-5458
GLSA-202407-24		https://security.gentoo.org/glsa/202407-24
GLSA-202412-07		https://security.gentoo.org/glsa/202412-07
ntap-20230725-0006		https://security.netapp.com/advisory/ntap-20230725-0006/
RHSA-2023:4159		https://access.redhat.com/errata/RHSA-2023:4159
RHSA-2023:4169		https://access.redhat.com/errata/RHSA-2023:4169
RHSA-2023:4170		https://access.redhat.com/errata/RHSA-2023:4170
RHSA-2023:4171		https://access.redhat.com/errata/RHSA-2023:4171
RHSA-2023:4177		https://access.redhat.com/errata/RHSA-2023:4177
RHSA-2023:4210		https://access.redhat.com/errata/RHSA-2023:4210
RHSA-2023:4211		https://access.redhat.com/errata/RHSA-2023:4211
USN-6263-1		https://usn.ubuntu.com/6263-1/
USN-6272-1		https://usn.ubuntu.com/6272-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22044.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://security.netapp.com/advisory/ntap-20230725-0006/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/ Found at https://security.netapp.com/advisory/ntap-20230725-0006/

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://www.debian.org/security/2023/dsa-5458

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/ Found at https://www.debian.org/security/2023/dsa-5458

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://www.oracle.com/security-alerts/cpujul2023.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T16:29:00Z/ Found at https://www.oracle.com/security-alerts/cpujul2023.html

Exploit Prediction Scoring System (EPSS)

Percentile	0.32029
EPSS Score	0.0013
Published At	June 4, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-04T17:04:21.834421+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22044.json	38.6.0