Search for vulnerabilities
Vulnerability details: VCID-rvs5-1p62-aaah
Vulnerability ID VCID-rvs5-1p62-aaah
Aliases CVE-2024-21138
Summary OpenJDK: Excessive symbol length can lead to infinite loop (8319859)
Status Published
Exploitability 0.5
Weighted Severity 3.3
Risk 1.6
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
System Score Found at
cvssv3 3.7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00046 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00149 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00149 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00149 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00149 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00149 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00149 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00149 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00152 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00152 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00166 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0018 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.00193 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0021 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
epss 0.0066 https://api.first.org/data/v1/epss?cve=CVE-2024-21138
cvssv3.1 3.7 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 3.7 https://nvd.nist.gov/vuln/detail/CVE-2024-21138
cvssv3.1 3.7 https://nvd.nist.gov/vuln/detail/CVE-2024-21138
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json
https://api.first.org/data/v1/epss?cve=CVE-2024-21138
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21131
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21138
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21140
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21144
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21145
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21147
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://security.netapp.com/advisory/ntap-20240719-0008/
https://www.oracle.com/security-alerts/cpujul2024.html
2297962 https://bugzilla.redhat.com/show_bug.cgi?id=2297962
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:bluexp:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:bluexp:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:data_infrastructure_insights_storage_workload_security_agent:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:data_infrastructure_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:graalvm:20.3.14:*:*:*:enterprise:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.14:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:graalvm:21.3.10:*:*:*:enterprise:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.10:*:*:*:enterprise:*:*:*
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:11.0.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:17.0.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:17.0.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update411:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update411:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update411:*:*:enterprise_performance_pack:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update411:*:*:enterprise_performance_pack:*:*:*
cpe:2.3:a:oracle:jdk:21.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:21.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:22.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:22.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:11.0.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:17.0.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:17.0.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update411:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update411:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update411:*:*:enterprise_performance_pack:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update411:*:*:enterprise_performance_pack:*:*:*
cpe:2.3:a:oracle:jre:21.0.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:21.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:22.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:22.0.1:*:*:*:*:*:*:*
CVE-2024-21138 https://nvd.nist.gov/vuln/detail/CVE-2024-21138
RHSA-2024:4560 https://access.redhat.com/errata/RHSA-2024:4560
RHSA-2024:4561 https://access.redhat.com/errata/RHSA-2024:4561
RHSA-2024:4562 https://access.redhat.com/errata/RHSA-2024:4562
RHSA-2024:4563 https://access.redhat.com/errata/RHSA-2024:4563
RHSA-2024:4564 https://access.redhat.com/errata/RHSA-2024:4564
RHSA-2024:4565 https://access.redhat.com/errata/RHSA-2024:4565
RHSA-2024:4566 https://access.redhat.com/errata/RHSA-2024:4566
RHSA-2024:4567 https://access.redhat.com/errata/RHSA-2024:4567
RHSA-2024:4568 https://access.redhat.com/errata/RHSA-2024:4568
RHSA-2024:4569 https://access.redhat.com/errata/RHSA-2024:4569
RHSA-2024:4570 https://access.redhat.com/errata/RHSA-2024:4570
RHSA-2024:4571 https://access.redhat.com/errata/RHSA-2024:4571
RHSA-2024:4572 https://access.redhat.com/errata/RHSA-2024:4572
RHSA-2024:4573 https://access.redhat.com/errata/RHSA-2024:4573
USN-6929-1 https://usn.ubuntu.com/6929-1/
USN-6930-1 https://usn.ubuntu.com/6930-1/
USN-6931-1 https://usn.ubuntu.com/6931-1/
USN-6932-1 https://usn.ubuntu.com/6932-1/
USN-7096-1 https://usn.ubuntu.com/7096-1/
USN-7097-1 https://usn.ubuntu.com/7097-1/
USN-7098-1 https://usn.ubuntu.com/7098-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2024-21138
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://nvd.nist.gov/vuln/detail/CVE-2024-21138
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.11374
EPSS Score 0.00043
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
2024-07-17T05:52:31.260766+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21138.json 34.0.0rc4