Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-rggy-f3va-mfay
Vulnerability ID VCID-rggy-f3va-mfay
Aliases CVE-2024-21147
Summary OpenJDK: RangeCheckElimination array index overflow (8323231)
Status Published
Exploitability 0.5
Weighted Severity 6.7
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3 7.4 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json
epss 0.00721 https://api.first.org/data/v1/epss?cve=CVE-2024-21147
epss 0.00721 https://api.first.org/data/v1/epss?cve=CVE-2024-21147
epss 0.00721 https://api.first.org/data/v1/epss?cve=CVE-2024-21147
epss 0.00721 https://api.first.org/data/v1/epss?cve=CVE-2024-21147
epss 0.00721 https://api.first.org/data/v1/epss?cve=CVE-2024-21147
epss 0.00721 https://api.first.org/data/v1/epss?cve=CVE-2024-21147
epss 0.00721 https://api.first.org/data/v1/epss?cve=CVE-2024-21147
epss 0.00721 https://api.first.org/data/v1/epss?cve=CVE-2024-21147
cvssv3.1 7.4 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 7.4 https://security.netapp.com/advisory/ntap-20240719-0008/
ssvc Track https://security.netapp.com/advisory/ntap-20240719-0008/
cvssv3.1 7.4 https://www.oracle.com/security-alerts/cpujul2024.html
ssvc Track https://www.oracle.com/security-alerts/cpujul2024.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json
https://api.first.org/data/v1/epss?cve=CVE-2024-21147
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2297977 https://bugzilla.redhat.com/show_bug.cgi?id=2297977
cpujul2024.html https://www.oracle.com/security-alerts/cpujul2024.html
ntap-20240719-0008 https://security.netapp.com/advisory/ntap-20240719-0008/
RHSA-2024:4560 https://access.redhat.com/errata/RHSA-2024:4560
RHSA-2024:4561 https://access.redhat.com/errata/RHSA-2024:4561
RHSA-2024:4562 https://access.redhat.com/errata/RHSA-2024:4562
RHSA-2024:4563 https://access.redhat.com/errata/RHSA-2024:4563
RHSA-2024:4564 https://access.redhat.com/errata/RHSA-2024:4564
RHSA-2024:4565 https://access.redhat.com/errata/RHSA-2024:4565
RHSA-2024:4566 https://access.redhat.com/errata/RHSA-2024:4566
RHSA-2024:4567 https://access.redhat.com/errata/RHSA-2024:4567
RHSA-2024:4568 https://access.redhat.com/errata/RHSA-2024:4568
RHSA-2024:4569 https://access.redhat.com/errata/RHSA-2024:4569
RHSA-2024:4570 https://access.redhat.com/errata/RHSA-2024:4570
RHSA-2024:4571 https://access.redhat.com/errata/RHSA-2024:4571
RHSA-2024:4572 https://access.redhat.com/errata/RHSA-2024:4572
RHSA-2024:4573 https://access.redhat.com/errata/RHSA-2024:4573
USN-6929-1 https://usn.ubuntu.com/6929-1/
USN-6930-1 https://usn.ubuntu.com/6930-1/
USN-6931-1 https://usn.ubuntu.com/6931-1/
USN-6932-1 https://usn.ubuntu.com/6932-1/
USN-7096-1 https://usn.ubuntu.com/7096-1/
USN-7097-1 https://usn.ubuntu.com/7097-1/
USN-7098-1 https://usn.ubuntu.com/7098-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://security.netapp.com/advisory/ntap-20240719-0008/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T13:58:31Z/ Found at https://security.netapp.com/advisory/ntap-20240719-0008/
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://www.oracle.com/security-alerts/cpujul2024.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T13:58:31Z/ Found at https://www.oracle.com/security-alerts/cpujul2024.html
Exploit Prediction Scoring System (EPSS)
Percentile 0.7244
EPSS Score 0.00721
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:46:13.541143+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21147.json 38.0.0