Action not permitted
Modal body text goes here.
Modal Title
Modal Body
usn-6660-1
Vulnerability from osv_ubuntu
Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918)
It was discovered that the Hotspot component of OpenJDK 11 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions. (CVE-2024-20919)
It was discovered that the Hotspot component of OpenJDK 11 had an optimization flaw when generating range check loop predicates. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921)
Valentin Eudeline discovered that OpenJDK 11 incorrectly handled certain options in the Nashorn JavaScript subcomponent. An attacker could possibly use this issue to execute arbitrary code. (CVE-2024-20926)
It was discovered that OpenJDK 11 could produce debug logs that contained private keys used for digital signatures. An attacker could possibly use this issue to obtain sensitive information. (CVE-2024-20945)
Hubert Kario discovered that the TLS implementation in OpenJDK 11 had a timing side-channel and incorrectly handled RSA padding. A remote attacker could possibly use this issue to recover sensitive information. (CVE-2024-20952)
{
"affected": [
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2024-20918",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20919",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20921",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20926",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20945",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20952",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:Pro:18.04:LTS"
}
},
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.0.4+12-2ubuntu4",
"9.0.4+12-4ubuntu1",
"10~46-4ubuntu1",
"10~46-5ubuntu1",
"10.0.1+10-1ubuntu2",
"10.0.1+10-3ubuntu1",
"10.0.2+13-1ubuntu0.18.04.1",
"10.0.2+13-1ubuntu0.18.04.2",
"10.0.2+13-1ubuntu0.18.04.3",
"10.0.2+13-1ubuntu0.18.04.4",
"11.0.2+9-3ubuntu1~18.04.3",
"11.0.3+7-1ubuntu2~18.04.1",
"11.0.4+11-1ubuntu2~18.04.3",
"11.0.5+10-0ubuntu1.1~18.04",
"11.0.6+10-1ubuntu1~18.04.1",
"11.0.7+10-2ubuntu2~18.04",
"11.0.8+10-0ubuntu1~18.04.1",
"11.0.9+11-0ubuntu1~18.04.1",
"11.0.9.1+1-0ubuntu1~18.04",
"11.0.10+9-0ubuntu1~18.04",
"11.0.11+9-0ubuntu2~18.04",
"11.0.13+8-0ubuntu1~18.04",
"11.0.14+9-0ubuntu2~18.04",
"11.0.14.1+1-0ubuntu1~18.04",
"11.0.15+10-0ubuntu0.18.04.1",
"11.0.16+8-0ubuntu1~18.04",
"11.0.17+8-1ubuntu2~18.04",
"11.0.18+10-0ubuntu1~18.04.1",
"11.0.19+7~us1-0ubuntu1~18.04.1",
"11.0.20+8-1ubuntu1~18.04",
"11.0.20.1+1-0ubuntu1~18.04",
"11.0.21+9-0ubuntu1~18.04"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2024-20918",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20919",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20921",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20926",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20945",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20952",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:20.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.5+10-0ubuntu1",
"11.0.5+10-2ubuntu1",
"11.0.6+10-1ubuntu1",
"11.0.6+10-2ubuntu2",
"11.0.7+9-1ubuntu1",
"11.0.7+10-2ubuntu1",
"11.0.7+10-3ubuntu1",
"11.0.8+10-0ubuntu1~20.04",
"11.0.9+11-0ubuntu1~20.04",
"11.0.9.1+1-0ubuntu1~20.04",
"11.0.10+9-0ubuntu1~20.04",
"11.0.11+9-0ubuntu2~20.04",
"11.0.13+8-0ubuntu1~20.04",
"11.0.14+9-0ubuntu2~20.04",
"11.0.14.1+1-0ubuntu1~20.04",
"11.0.15+10-0ubuntu0.20.04.1",
"11.0.16+8-0ubuntu1~20.04",
"11.0.17+8-1ubuntu2~20.04",
"11.0.18+10-0ubuntu1~20.04.1",
"11.0.19+7~us1-0ubuntu1~20.04.1",
"11.0.20+8-1ubuntu1~20.04",
"11.0.20.1+1-0ubuntu1~20.04",
"11.0.21+9-0ubuntu1~20.04"
]
},
{
"database_specific": {
"cves_map": {
"cves": [
{
"id": "CVE-2024-20918",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20919",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20921",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20926",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20945",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
},
{
"id": "CVE-2024-20952",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
]
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}
},
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.12+7-0ubuntu3",
"11.0.13+8-0ubuntu1",
"11.0.14+9-0ubuntu2",
"11.0.14.1+1-0ubuntu1",
"11.0.15+10-0ubuntu0.22.04.1",
"11.0.16+8-0ubuntu1~22.04",
"11.0.17+8-1ubuntu2~22.04",
"11.0.18+10-0ubuntu1~22.04",
"11.0.19+7~us1-0ubuntu1~22.04.1",
"11.0.20+8-1ubuntu1~22.04",
"11.0.20.1+1-0ubuntu1~22.04",
"11.0.21+9-0ubuntu1~22.04"
]
}
],
"aliases": [],
"details": "Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly\nhandled array accesses in the C1 compiler. An attacker could possibly\nuse this issue to cause a denial of service, execute arbitrary code or\nbypass Java sandbox restrictions. (CVE-2024-20918)\n\nIt was discovered that the Hotspot component of OpenJDK 11 did not\nproperly verify bytecode in certain situations. An attacker could\npossibly use this issue to bypass Java sandbox restrictions.\n(CVE-2024-20919)\n\nIt was discovered that the Hotspot component of OpenJDK 11 had an\noptimization flaw when generating range check loop predicates. An attacker\ncould possibly use this issue to cause a denial of service, execute\narbitrary code or bypass Java sandbox restrictions. (CVE-2024-20921)\n\nValentin Eudeline discovered that OpenJDK 11 incorrectly handled certain\noptions in the Nashorn JavaScript subcomponent. An attacker could\npossibly use this issue to execute arbitrary code. (CVE-2024-20926)\n\nIt was discovered that OpenJDK 11 could produce debug logs that contained\nprivate keys used for digital signatures. An attacker could possibly use\nthis issue to obtain sensitive information. (CVE-2024-20945)\n\nHubert Kario discovered that the TLS implementation in OpenJDK 11 had a\ntiming side-channel and incorrectly handled RSA padding. A remote attacker\ncould possibly use this issue to recover sensitive information.\n(CVE-2024-20952)\n",
"id": "USN-6660-1",
"modified": "2026-04-27T14:11:32Z",
"published": "2024-02-27T02:36:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6660-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20918"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20919"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20921"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20926"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20945"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20952"
}
],
"related": [],
"schema_version": "1.7.0",
"summary": "openjdk-lts vulnerabilities",
"upstream": [
"UBUNTU-CVE-2024-20918",
"UBUNTU-CVE-2024-20919",
"UBUNTU-CVE-2024-20921",
"UBUNTU-CVE-2024-20926",
"UBUNTU-CVE-2024-20945",
"UBUNTU-CVE-2024-20952"
]
}
ubuntu-cve-2024-20918
Vulnerability from osv_ubuntu
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
| URL | Type | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-jamvm",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u432-ga~us1-0ubuntu2~16.04.4?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u432-ga~us1-0ubuntu2~16.04.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u66-b01-5",
"8u72-b05-1ubuntu1",
"8u72-b05-5",
"8u72-b05-6",
"8u72-b15-1",
"8u72-b15-2ubuntu1",
"8u72-b15-2ubuntu3",
"8u72-b15-3ubuntu1",
"8u77-b03-1ubuntu2",
"8u77-b03-3ubuntu1",
"8u77-b03-3ubuntu2",
"8u77-b03-3ubuntu3",
"8u91-b14-0ubuntu4~16.04.1",
"8u91-b14-3ubuntu1~16.04.1",
"8u111-b14-2ubuntu0.16.04.2",
"8u121-b13-0ubuntu1.16.04.2",
"8u131-b11-0ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.3",
"8u151-b12-0ubuntu0.16.04.2",
"8u162-b12-0ubuntu0.16.04.2",
"8u171-b11-0ubuntu0.16.04.1",
"8u181-b13-0ubuntu0.16.04.1",
"8u181-b13-1ubuntu0.16.04.1",
"8u191-b12-0ubuntu0.16.04.1",
"8u191-b12-2ubuntu0.16.04.1",
"8u212-b03-0ubuntu1.16.04.1",
"8u222-b10-1ubuntu1~16.04.1",
"8u232-b09-0ubuntu1~16.04.1",
"8u242-b08-0ubuntu3~16.04",
"8u252-b09-1~16.04",
"8u265-b01-0ubuntu2~16.04",
"8u272-b10-0ubuntu1~16.04",
"8u275-b01-0ubuntu1~16.04",
"8u282-b08-0ubuntu1~16.04",
"8u292-b10-0ubuntu1~16.04.1",
"8u312-b07-0ubuntu1~16.04",
"8u342-b07-0ubuntu1~16.04",
"8u352-ga-1~16.04",
"8u362-ga-0ubuntu1~16.04.1",
"8u372-ga~us1-0ubuntu1~16.04",
"8u382-ga-1~16.04.1",
"8u392-ga-1~16.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-9-demo",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-source",
"binary_version": "9~b114-0ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "openjdk-9",
"purl": "pkg:deb/ubuntu/openjdk-9@9~b114-0ubuntu1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9~b88-1",
"9~b101-2ubuntu2",
"9~b102-1",
"9~b113-0ubuntu1",
"9~b114-0ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.0.4+12-2ubuntu4",
"9.0.4+12-4ubuntu1",
"10~46-4ubuntu1",
"10~46-5ubuntu1",
"10.0.1+10-1ubuntu2",
"10.0.1+10-3ubuntu1",
"10.0.2+13-1ubuntu0.18.04.1",
"10.0.2+13-1ubuntu0.18.04.2",
"10.0.2+13-1ubuntu0.18.04.3",
"10.0.2+13-1ubuntu0.18.04.4",
"11.0.2+9-3ubuntu1~18.04.3",
"11.0.3+7-1ubuntu2~18.04.1",
"11.0.4+11-1ubuntu2~18.04.3",
"11.0.5+10-0ubuntu1.1~18.04",
"11.0.6+10-1ubuntu1~18.04.1",
"11.0.7+10-2ubuntu2~18.04",
"11.0.8+10-0ubuntu1~18.04.1",
"11.0.9+11-0ubuntu1~18.04.1",
"11.0.9.1+1-0ubuntu1~18.04",
"11.0.10+9-0ubuntu1~18.04",
"11.0.11+9-0ubuntu2~18.04",
"11.0.13+8-0ubuntu1~18.04",
"11.0.14+9-0ubuntu2~18.04",
"11.0.14.1+1-0ubuntu1~18.04",
"11.0.15+10-0ubuntu0.18.04.1",
"11.0.16+8-0ubuntu1~18.04",
"11.0.17+8-1ubuntu2~18.04",
"11.0.18+10-0ubuntu1~18.04.1",
"11.0.19+7~us1-0ubuntu1~18.04.1",
"11.0.20+8-1ubuntu1~18.04",
"11.0.20.1+1-0ubuntu1~18.04",
"11.0.21+9-0ubuntu1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~18.04.1?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1~18.04",
"17.0.1+12-1~18.04",
"17.0.2+8-1~18.04",
"17.0.3+7-0ubuntu0.18.04.1",
"17.0.4+8-1~18.04",
"17.0.5+8-2ubuntu1~18.04",
"17.0.6+10-0ubuntu1~18.04.1",
"17.0.7+7~us1-0ubuntu1~18.04",
"17.0.8+7-1~18.04",
"17.0.8.1+1~us1-0ubuntu1~18.04",
"17.0.9+9-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~18.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~18.04?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~18.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u144-b01-2",
"8u151-b12-1",
"8u162-b12-1",
"8u171-b11-0ubuntu0.18.04.1",
"8u181-b13-0ubuntu0.18.04.1",
"8u181-b13-1ubuntu0.18.04.1",
"8u191-b12-0ubuntu0.18.04.1",
"8u191-b12-2ubuntu0.18.04.1",
"8u212-b03-0ubuntu1.18.04.1",
"8u222-b10-1ubuntu1~18.04.1",
"8u232-b09-0ubuntu1~18.04.1",
"8u242-b08-0ubuntu3~18.04",
"8u252-b09-1~18.04",
"8u265-b01-0ubuntu2~18.04",
"8u272-b10-0ubuntu1~18.04",
"8u275-b01-0ubuntu1~18.04",
"8u282-b08-0ubuntu1~18.04",
"8u292-b10-0ubuntu1~18.04",
"8u312-b07-0ubuntu1~18.04",
"8u342-b07-0ubuntu1~18.04",
"8u352-ga-1~18.04",
"8u362-ga-0ubuntu1~18.04.1",
"8u372-ga~us1-0ubuntu1~18.04",
"8u382-ga-1~18.04.1",
"8u392-ga-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1~20.04",
"17.0.1+12-1~20.04",
"17.0.2+8-1~20.04",
"17.0.3+7-0ubuntu0.20.04.1",
"17.0.4+8-1~20.04",
"17.0.5+8-2ubuntu1~20.04",
"17.0.6+10-0ubuntu1~20.04.1",
"17.0.7+7~us1-0ubuntu1~20.04",
"17.0.8+7-1~20.04.2",
"17.0.8.1+1~us1-0ubuntu1~20.04",
"17.0.9+9-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-21-demo",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jdk",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jdk-headless",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre-headless",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre-zero",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-source",
"binary_version": "21.0.2+13-1~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-21",
"purl": "pkg:deb/ubuntu/openjdk-21@21.0.2+13-1~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.0.2+13-1~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"21.0.1+12-2~20.04.1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~20.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u232-b09-0ubuntu1",
"8u232-b09-1",
"8u242-b04-1",
"8u242-b08-0ubuntu3",
"8u252-b07-1",
"8u252-b09-1ubuntu1",
"8u265-b01-0ubuntu2~20.04",
"8u272-b10-0ubuntu1~20.04",
"8u275-b01-0ubuntu1~20.04",
"8u282-b08-0ubuntu1~20.04",
"8u292-b10-0ubuntu1~20.04",
"8u312-b07-0ubuntu1~20.04",
"8u342-b07-0ubuntu1~20.04",
"8u352-ga-1~20.04",
"8u362-ga-0ubuntu1~20.04.1",
"8u372-ga~us1-0ubuntu1~20.04",
"8u382-ga-1~20.04.1",
"8u392-ga-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.5+10-0ubuntu1",
"11.0.5+10-2ubuntu1",
"11.0.6+10-1ubuntu1",
"11.0.6+10-2ubuntu2",
"11.0.7+9-1ubuntu1",
"11.0.7+10-2ubuntu1",
"11.0.7+10-3ubuntu1",
"11.0.8+10-0ubuntu1~20.04",
"11.0.9+11-0ubuntu1~20.04",
"11.0.9.1+1-0ubuntu1~20.04",
"11.0.10+9-0ubuntu1~20.04",
"11.0.11+9-0ubuntu2~20.04",
"11.0.13+8-0ubuntu1~20.04",
"11.0.14+9-0ubuntu2~20.04",
"11.0.14.1+1-0ubuntu1~20.04",
"11.0.15+10-0ubuntu0.20.04.1",
"11.0.16+8-0ubuntu1~20.04",
"11.0.17+8-1ubuntu2~20.04",
"11.0.18+10-0ubuntu1~20.04.1",
"11.0.19+7~us1-0ubuntu1~20.04.1",
"11.0.20+8-1ubuntu1~20.04",
"11.0.20.1+1-0ubuntu1~20.04",
"11.0.21+9-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-13-demo",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-zero",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-source",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-13",
"purl": "pkg:deb/ubuntu/openjdk-13@13.0.7+5-0ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"13+33-1",
"13.0.1+9-2",
"13.0.2+8-1",
"13.0.2+8-2",
"13.0.3+3-1ubuntu2",
"13.0.4+8-1~20.04",
"13.0.7+5-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-16-demo",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-zero",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-source",
"binary_version": "16.0.1+9-1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-16",
"purl": "pkg:deb/ubuntu/openjdk-16@16.0.1+9-1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"16.0.1+9-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1",
"17.0.1+12-1",
"17.0.2+8-1",
"17.0.3+7-0ubuntu0.22.04.1",
"17.0.4+8-1~22.04",
"17.0.5+8-2ubuntu1~22.04",
"17.0.6+10-0ubuntu1~22.04",
"17.0.7+7~us1-0ubuntu1~22.04.2",
"17.0.8+7-1~22.04",
"17.0.8.1+1~us1-0ubuntu1~22.04",
"17.0.9+9-1~22.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-18-demo",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-zero",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-source",
"binary_version": "18.0.2+9-2~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-18",
"purl": "pkg:deb/ubuntu/openjdk-18@18.0.2+9-2~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"18~15ea-4",
"18~20ea-1",
"18~32ea-1",
"18~36ea-1",
"18.0.2+9-2~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-21-demo",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jdk",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jdk-headless",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre-headless",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre-zero",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-source",
"binary_version": "21.0.2+13-1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-21",
"purl": "pkg:deb/ubuntu/openjdk-21@21.0.2+13-1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.0.2+13-1~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"21.0.1+12-2~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~22.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u302-b08-0ubuntu2",
"8u312-b07-0ubuntu1",
"8u342-b07-0ubuntu1~22.04",
"8u352-ga-1~22.04",
"8u362-ga-0ubuntu1~22.04",
"8u372-ga~us1-0ubuntu1~22.04",
"8u382-ga-1~22.04.1",
"8u392-ga-1~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.12+7-0ubuntu3",
"11.0.13+8-0ubuntu1",
"11.0.14+9-0ubuntu2",
"11.0.14.1+1-0ubuntu1",
"11.0.15+10-0ubuntu0.22.04.1",
"11.0.16+8-0ubuntu1~22.04",
"11.0.17+8-1ubuntu2~22.04",
"11.0.18+10-0ubuntu1~22.04",
"11.0.19+7~us1-0ubuntu1~22.04.1",
"11.0.20+8-1ubuntu1~22.04",
"11.0.20.1+1-0ubuntu1~22.04",
"11.0.21+9-0ubuntu1~22.04"
]
}
],
"aliases": [],
"details": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
"id": "UBUNTU-CVE-2024-20918",
"modified": "2025-12-02T05:09:59Z",
"published": "2024-01-16T22:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20918"
},
{
"type": "REPORT",
"url": "https://www.oracle.com/security-alerts/cpujan2024.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6660-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6661-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6662-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6696-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7096-1"
}
],
"related": [
"USN-6660-1",
"USN-6661-1",
"USN-6662-1",
"USN-6696-1",
"USN-7096-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2024-20918"
]
}
ubuntu-cve-2024-20919
Vulnerability from osv_ubuntu
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-jamvm",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u432-ga~us1-0ubuntu2~16.04.4?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u432-ga~us1-0ubuntu2~16.04.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u66-b01-5",
"8u72-b05-1ubuntu1",
"8u72-b05-5",
"8u72-b05-6",
"8u72-b15-1",
"8u72-b15-2ubuntu1",
"8u72-b15-2ubuntu3",
"8u72-b15-3ubuntu1",
"8u77-b03-1ubuntu2",
"8u77-b03-3ubuntu1",
"8u77-b03-3ubuntu2",
"8u77-b03-3ubuntu3",
"8u91-b14-0ubuntu4~16.04.1",
"8u91-b14-3ubuntu1~16.04.1",
"8u111-b14-2ubuntu0.16.04.2",
"8u121-b13-0ubuntu1.16.04.2",
"8u131-b11-0ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.3",
"8u151-b12-0ubuntu0.16.04.2",
"8u162-b12-0ubuntu0.16.04.2",
"8u171-b11-0ubuntu0.16.04.1",
"8u181-b13-0ubuntu0.16.04.1",
"8u181-b13-1ubuntu0.16.04.1",
"8u191-b12-0ubuntu0.16.04.1",
"8u191-b12-2ubuntu0.16.04.1",
"8u212-b03-0ubuntu1.16.04.1",
"8u222-b10-1ubuntu1~16.04.1",
"8u232-b09-0ubuntu1~16.04.1",
"8u242-b08-0ubuntu3~16.04",
"8u252-b09-1~16.04",
"8u265-b01-0ubuntu2~16.04",
"8u272-b10-0ubuntu1~16.04",
"8u275-b01-0ubuntu1~16.04",
"8u282-b08-0ubuntu1~16.04",
"8u292-b10-0ubuntu1~16.04.1",
"8u312-b07-0ubuntu1~16.04",
"8u342-b07-0ubuntu1~16.04",
"8u352-ga-1~16.04",
"8u362-ga-0ubuntu1~16.04.1",
"8u372-ga~us1-0ubuntu1~16.04",
"8u382-ga-1~16.04.1",
"8u392-ga-1~16.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-9-demo",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-source",
"binary_version": "9~b114-0ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "openjdk-9",
"purl": "pkg:deb/ubuntu/openjdk-9@9~b114-0ubuntu1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9~b88-1",
"9~b101-2ubuntu2",
"9~b102-1",
"9~b113-0ubuntu1",
"9~b114-0ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.0.4+12-2ubuntu4",
"9.0.4+12-4ubuntu1",
"10~46-4ubuntu1",
"10~46-5ubuntu1",
"10.0.1+10-1ubuntu2",
"10.0.1+10-3ubuntu1",
"10.0.2+13-1ubuntu0.18.04.1",
"10.0.2+13-1ubuntu0.18.04.2",
"10.0.2+13-1ubuntu0.18.04.3",
"10.0.2+13-1ubuntu0.18.04.4",
"11.0.2+9-3ubuntu1~18.04.3",
"11.0.3+7-1ubuntu2~18.04.1",
"11.0.4+11-1ubuntu2~18.04.3",
"11.0.5+10-0ubuntu1.1~18.04",
"11.0.6+10-1ubuntu1~18.04.1",
"11.0.7+10-2ubuntu2~18.04",
"11.0.8+10-0ubuntu1~18.04.1",
"11.0.9+11-0ubuntu1~18.04.1",
"11.0.9.1+1-0ubuntu1~18.04",
"11.0.10+9-0ubuntu1~18.04",
"11.0.11+9-0ubuntu2~18.04",
"11.0.13+8-0ubuntu1~18.04",
"11.0.14+9-0ubuntu2~18.04",
"11.0.14.1+1-0ubuntu1~18.04",
"11.0.15+10-0ubuntu0.18.04.1",
"11.0.16+8-0ubuntu1~18.04",
"11.0.17+8-1ubuntu2~18.04",
"11.0.18+10-0ubuntu1~18.04.1",
"11.0.19+7~us1-0ubuntu1~18.04.1",
"11.0.20+8-1ubuntu1~18.04",
"11.0.20.1+1-0ubuntu1~18.04",
"11.0.21+9-0ubuntu1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~18.04.1?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1~18.04",
"17.0.1+12-1~18.04",
"17.0.2+8-1~18.04",
"17.0.3+7-0ubuntu0.18.04.1",
"17.0.4+8-1~18.04",
"17.0.5+8-2ubuntu1~18.04",
"17.0.6+10-0ubuntu1~18.04.1",
"17.0.7+7~us1-0ubuntu1~18.04",
"17.0.8+7-1~18.04",
"17.0.8.1+1~us1-0ubuntu1~18.04",
"17.0.9+9-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~18.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~18.04?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~18.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u144-b01-2",
"8u151-b12-1",
"8u162-b12-1",
"8u171-b11-0ubuntu0.18.04.1",
"8u181-b13-0ubuntu0.18.04.1",
"8u181-b13-1ubuntu0.18.04.1",
"8u191-b12-0ubuntu0.18.04.1",
"8u191-b12-2ubuntu0.18.04.1",
"8u212-b03-0ubuntu1.18.04.1",
"8u222-b10-1ubuntu1~18.04.1",
"8u232-b09-0ubuntu1~18.04.1",
"8u242-b08-0ubuntu3~18.04",
"8u252-b09-1~18.04",
"8u265-b01-0ubuntu2~18.04",
"8u272-b10-0ubuntu1~18.04",
"8u275-b01-0ubuntu1~18.04",
"8u282-b08-0ubuntu1~18.04",
"8u292-b10-0ubuntu1~18.04",
"8u312-b07-0ubuntu1~18.04",
"8u342-b07-0ubuntu1~18.04",
"8u352-ga-1~18.04",
"8u362-ga-0ubuntu1~18.04.1",
"8u372-ga~us1-0ubuntu1~18.04",
"8u382-ga-1~18.04.1",
"8u392-ga-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1~20.04",
"17.0.1+12-1~20.04",
"17.0.2+8-1~20.04",
"17.0.3+7-0ubuntu0.20.04.1",
"17.0.4+8-1~20.04",
"17.0.5+8-2ubuntu1~20.04",
"17.0.6+10-0ubuntu1~20.04.1",
"17.0.7+7~us1-0ubuntu1~20.04",
"17.0.8+7-1~20.04.2",
"17.0.8.1+1~us1-0ubuntu1~20.04",
"17.0.9+9-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-21-demo",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jdk",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jdk-headless",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre-headless",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre-zero",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-source",
"binary_version": "21.0.2+13-1~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-21",
"purl": "pkg:deb/ubuntu/openjdk-21@21.0.2+13-1~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.0.2+13-1~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"21.0.1+12-2~20.04.1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~20.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u232-b09-0ubuntu1",
"8u232-b09-1",
"8u242-b04-1",
"8u242-b08-0ubuntu3",
"8u252-b07-1",
"8u252-b09-1ubuntu1",
"8u265-b01-0ubuntu2~20.04",
"8u272-b10-0ubuntu1~20.04",
"8u275-b01-0ubuntu1~20.04",
"8u282-b08-0ubuntu1~20.04",
"8u292-b10-0ubuntu1~20.04",
"8u312-b07-0ubuntu1~20.04",
"8u342-b07-0ubuntu1~20.04",
"8u352-ga-1~20.04",
"8u362-ga-0ubuntu1~20.04.1",
"8u372-ga~us1-0ubuntu1~20.04",
"8u382-ga-1~20.04.1",
"8u392-ga-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.5+10-0ubuntu1",
"11.0.5+10-2ubuntu1",
"11.0.6+10-1ubuntu1",
"11.0.6+10-2ubuntu2",
"11.0.7+9-1ubuntu1",
"11.0.7+10-2ubuntu1",
"11.0.7+10-3ubuntu1",
"11.0.8+10-0ubuntu1~20.04",
"11.0.9+11-0ubuntu1~20.04",
"11.0.9.1+1-0ubuntu1~20.04",
"11.0.10+9-0ubuntu1~20.04",
"11.0.11+9-0ubuntu2~20.04",
"11.0.13+8-0ubuntu1~20.04",
"11.0.14+9-0ubuntu2~20.04",
"11.0.14.1+1-0ubuntu1~20.04",
"11.0.15+10-0ubuntu0.20.04.1",
"11.0.16+8-0ubuntu1~20.04",
"11.0.17+8-1ubuntu2~20.04",
"11.0.18+10-0ubuntu1~20.04.1",
"11.0.19+7~us1-0ubuntu1~20.04.1",
"11.0.20+8-1ubuntu1~20.04",
"11.0.20.1+1-0ubuntu1~20.04",
"11.0.21+9-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-13-demo",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-zero",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-source",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-13",
"purl": "pkg:deb/ubuntu/openjdk-13@13.0.7+5-0ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"13+33-1",
"13.0.1+9-2",
"13.0.2+8-1",
"13.0.2+8-2",
"13.0.3+3-1ubuntu2",
"13.0.4+8-1~20.04",
"13.0.7+5-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-16-demo",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-zero",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-source",
"binary_version": "16.0.1+9-1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-16",
"purl": "pkg:deb/ubuntu/openjdk-16@16.0.1+9-1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"16.0.1+9-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1",
"17.0.1+12-1",
"17.0.2+8-1",
"17.0.3+7-0ubuntu0.22.04.1",
"17.0.4+8-1~22.04",
"17.0.5+8-2ubuntu1~22.04",
"17.0.6+10-0ubuntu1~22.04",
"17.0.7+7~us1-0ubuntu1~22.04.2",
"17.0.8+7-1~22.04",
"17.0.8.1+1~us1-0ubuntu1~22.04",
"17.0.9+9-1~22.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-18-demo",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-zero",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-source",
"binary_version": "18.0.2+9-2~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-18",
"purl": "pkg:deb/ubuntu/openjdk-18@18.0.2+9-2~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"18~15ea-4",
"18~20ea-1",
"18~32ea-1",
"18~36ea-1",
"18.0.2+9-2~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-21-demo",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jdk",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jdk-headless",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre-headless",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre-zero",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-source",
"binary_version": "21.0.2+13-1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-21",
"purl": "pkg:deb/ubuntu/openjdk-21@21.0.2+13-1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.0.2+13-1~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"21.0.1+12-2~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~22.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u302-b08-0ubuntu2",
"8u312-b07-0ubuntu1",
"8u342-b07-0ubuntu1~22.04",
"8u352-ga-1~22.04",
"8u362-ga-0ubuntu1~22.04",
"8u372-ga~us1-0ubuntu1~22.04",
"8u382-ga-1~22.04.1",
"8u392-ga-1~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.12+7-0ubuntu3",
"11.0.13+8-0ubuntu1",
"11.0.14+9-0ubuntu2",
"11.0.14.1+1-0ubuntu1",
"11.0.15+10-0ubuntu0.22.04.1",
"11.0.16+8-0ubuntu1~22.04",
"11.0.17+8-1ubuntu2~22.04",
"11.0.18+10-0ubuntu1~22.04",
"11.0.19+7~us1-0ubuntu1~22.04.1",
"11.0.20+8-1ubuntu1~22.04",
"11.0.20.1+1-0ubuntu1~22.04",
"11.0.21+9-0ubuntu1~22.04"
]
}
],
"aliases": [],
"details": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"id": "UBUNTU-CVE-2024-20919",
"modified": "2025-12-02T05:09:59Z",
"published": "2024-02-17T02:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20919"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6660-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6661-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6662-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6696-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7096-1"
}
],
"related": [
"USN-6660-1",
"USN-6661-1",
"USN-6662-1",
"USN-6696-1",
"USN-7096-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2024-20919"
]
}
ubuntu-cve-2024-20921
Vulnerability from osv_ubuntu
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-jamvm",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u432-ga~us1-0ubuntu2~16.04.4?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u432-ga~us1-0ubuntu2~16.04.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u66-b01-5",
"8u72-b05-1ubuntu1",
"8u72-b05-5",
"8u72-b05-6",
"8u72-b15-1",
"8u72-b15-2ubuntu1",
"8u72-b15-2ubuntu3",
"8u72-b15-3ubuntu1",
"8u77-b03-1ubuntu2",
"8u77-b03-3ubuntu1",
"8u77-b03-3ubuntu2",
"8u77-b03-3ubuntu3",
"8u91-b14-0ubuntu4~16.04.1",
"8u91-b14-3ubuntu1~16.04.1",
"8u111-b14-2ubuntu0.16.04.2",
"8u121-b13-0ubuntu1.16.04.2",
"8u131-b11-0ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.3",
"8u151-b12-0ubuntu0.16.04.2",
"8u162-b12-0ubuntu0.16.04.2",
"8u171-b11-0ubuntu0.16.04.1",
"8u181-b13-0ubuntu0.16.04.1",
"8u181-b13-1ubuntu0.16.04.1",
"8u191-b12-0ubuntu0.16.04.1",
"8u191-b12-2ubuntu0.16.04.1",
"8u212-b03-0ubuntu1.16.04.1",
"8u222-b10-1ubuntu1~16.04.1",
"8u232-b09-0ubuntu1~16.04.1",
"8u242-b08-0ubuntu3~16.04",
"8u252-b09-1~16.04",
"8u265-b01-0ubuntu2~16.04",
"8u272-b10-0ubuntu1~16.04",
"8u275-b01-0ubuntu1~16.04",
"8u282-b08-0ubuntu1~16.04",
"8u292-b10-0ubuntu1~16.04.1",
"8u312-b07-0ubuntu1~16.04",
"8u342-b07-0ubuntu1~16.04",
"8u352-ga-1~16.04",
"8u362-ga-0ubuntu1~16.04.1",
"8u372-ga~us1-0ubuntu1~16.04",
"8u382-ga-1~16.04.1",
"8u392-ga-1~16.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-9-demo",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-source",
"binary_version": "9~b114-0ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "openjdk-9",
"purl": "pkg:deb/ubuntu/openjdk-9@9~b114-0ubuntu1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9~b88-1",
"9~b101-2ubuntu2",
"9~b102-1",
"9~b113-0ubuntu1",
"9~b114-0ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.0.4+12-2ubuntu4",
"9.0.4+12-4ubuntu1",
"10~46-4ubuntu1",
"10~46-5ubuntu1",
"10.0.1+10-1ubuntu2",
"10.0.1+10-3ubuntu1",
"10.0.2+13-1ubuntu0.18.04.1",
"10.0.2+13-1ubuntu0.18.04.2",
"10.0.2+13-1ubuntu0.18.04.3",
"10.0.2+13-1ubuntu0.18.04.4",
"11.0.2+9-3ubuntu1~18.04.3",
"11.0.3+7-1ubuntu2~18.04.1",
"11.0.4+11-1ubuntu2~18.04.3",
"11.0.5+10-0ubuntu1.1~18.04",
"11.0.6+10-1ubuntu1~18.04.1",
"11.0.7+10-2ubuntu2~18.04",
"11.0.8+10-0ubuntu1~18.04.1",
"11.0.9+11-0ubuntu1~18.04.1",
"11.0.9.1+1-0ubuntu1~18.04",
"11.0.10+9-0ubuntu1~18.04",
"11.0.11+9-0ubuntu2~18.04",
"11.0.13+8-0ubuntu1~18.04",
"11.0.14+9-0ubuntu2~18.04",
"11.0.14.1+1-0ubuntu1~18.04",
"11.0.15+10-0ubuntu0.18.04.1",
"11.0.16+8-0ubuntu1~18.04",
"11.0.17+8-1ubuntu2~18.04",
"11.0.18+10-0ubuntu1~18.04.1",
"11.0.19+7~us1-0ubuntu1~18.04.1",
"11.0.20+8-1ubuntu1~18.04",
"11.0.20.1+1-0ubuntu1~18.04",
"11.0.21+9-0ubuntu1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~18.04.1?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1~18.04",
"17.0.1+12-1~18.04",
"17.0.2+8-1~18.04",
"17.0.3+7-0ubuntu0.18.04.1",
"17.0.4+8-1~18.04",
"17.0.5+8-2ubuntu1~18.04",
"17.0.6+10-0ubuntu1~18.04.1",
"17.0.7+7~us1-0ubuntu1~18.04",
"17.0.8+7-1~18.04",
"17.0.8.1+1~us1-0ubuntu1~18.04",
"17.0.9+9-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~18.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~18.04?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~18.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u144-b01-2",
"8u151-b12-1",
"8u162-b12-1",
"8u171-b11-0ubuntu0.18.04.1",
"8u181-b13-0ubuntu0.18.04.1",
"8u181-b13-1ubuntu0.18.04.1",
"8u191-b12-0ubuntu0.18.04.1",
"8u191-b12-2ubuntu0.18.04.1",
"8u212-b03-0ubuntu1.18.04.1",
"8u222-b10-1ubuntu1~18.04.1",
"8u232-b09-0ubuntu1~18.04.1",
"8u242-b08-0ubuntu3~18.04",
"8u252-b09-1~18.04",
"8u265-b01-0ubuntu2~18.04",
"8u272-b10-0ubuntu1~18.04",
"8u275-b01-0ubuntu1~18.04",
"8u282-b08-0ubuntu1~18.04",
"8u292-b10-0ubuntu1~18.04",
"8u312-b07-0ubuntu1~18.04",
"8u342-b07-0ubuntu1~18.04",
"8u352-ga-1~18.04",
"8u362-ga-0ubuntu1~18.04.1",
"8u372-ga~us1-0ubuntu1~18.04",
"8u382-ga-1~18.04.1",
"8u392-ga-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1~20.04",
"17.0.1+12-1~20.04",
"17.0.2+8-1~20.04",
"17.0.3+7-0ubuntu0.20.04.1",
"17.0.4+8-1~20.04",
"17.0.5+8-2ubuntu1~20.04",
"17.0.6+10-0ubuntu1~20.04.1",
"17.0.7+7~us1-0ubuntu1~20.04",
"17.0.8+7-1~20.04.2",
"17.0.8.1+1~us1-0ubuntu1~20.04",
"17.0.9+9-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-21-demo",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jdk",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jdk-headless",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre-headless",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre-zero",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-source",
"binary_version": "21.0.2+13-1~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-21",
"purl": "pkg:deb/ubuntu/openjdk-21@21.0.2+13-1~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.0.2+13-1~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"21.0.1+12-2~20.04.1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~20.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u232-b09-0ubuntu1",
"8u232-b09-1",
"8u242-b04-1",
"8u242-b08-0ubuntu3",
"8u252-b07-1",
"8u252-b09-1ubuntu1",
"8u265-b01-0ubuntu2~20.04",
"8u272-b10-0ubuntu1~20.04",
"8u275-b01-0ubuntu1~20.04",
"8u282-b08-0ubuntu1~20.04",
"8u292-b10-0ubuntu1~20.04",
"8u312-b07-0ubuntu1~20.04",
"8u342-b07-0ubuntu1~20.04",
"8u352-ga-1~20.04",
"8u362-ga-0ubuntu1~20.04.1",
"8u372-ga~us1-0ubuntu1~20.04",
"8u382-ga-1~20.04.1",
"8u392-ga-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.5+10-0ubuntu1",
"11.0.5+10-2ubuntu1",
"11.0.6+10-1ubuntu1",
"11.0.6+10-2ubuntu2",
"11.0.7+9-1ubuntu1",
"11.0.7+10-2ubuntu1",
"11.0.7+10-3ubuntu1",
"11.0.8+10-0ubuntu1~20.04",
"11.0.9+11-0ubuntu1~20.04",
"11.0.9.1+1-0ubuntu1~20.04",
"11.0.10+9-0ubuntu1~20.04",
"11.0.11+9-0ubuntu2~20.04",
"11.0.13+8-0ubuntu1~20.04",
"11.0.14+9-0ubuntu2~20.04",
"11.0.14.1+1-0ubuntu1~20.04",
"11.0.15+10-0ubuntu0.20.04.1",
"11.0.16+8-0ubuntu1~20.04",
"11.0.17+8-1ubuntu2~20.04",
"11.0.18+10-0ubuntu1~20.04.1",
"11.0.19+7~us1-0ubuntu1~20.04.1",
"11.0.20+8-1ubuntu1~20.04",
"11.0.20.1+1-0ubuntu1~20.04",
"11.0.21+9-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-13-demo",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-zero",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-source",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-13",
"purl": "pkg:deb/ubuntu/openjdk-13@13.0.7+5-0ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"13+33-1",
"13.0.1+9-2",
"13.0.2+8-1",
"13.0.2+8-2",
"13.0.3+3-1ubuntu2",
"13.0.4+8-1~20.04",
"13.0.7+5-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-16-demo",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-zero",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-source",
"binary_version": "16.0.1+9-1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-16",
"purl": "pkg:deb/ubuntu/openjdk-16@16.0.1+9-1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"16.0.1+9-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1",
"17.0.1+12-1",
"17.0.2+8-1",
"17.0.3+7-0ubuntu0.22.04.1",
"17.0.4+8-1~22.04",
"17.0.5+8-2ubuntu1~22.04",
"17.0.6+10-0ubuntu1~22.04",
"17.0.7+7~us1-0ubuntu1~22.04.2",
"17.0.8+7-1~22.04",
"17.0.8.1+1~us1-0ubuntu1~22.04",
"17.0.9+9-1~22.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-18-demo",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-zero",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-source",
"binary_version": "18.0.2+9-2~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-18",
"purl": "pkg:deb/ubuntu/openjdk-18@18.0.2+9-2~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"18~15ea-4",
"18~20ea-1",
"18~32ea-1",
"18~36ea-1",
"18.0.2+9-2~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-21-demo",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jdk",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jdk-headless",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre-headless",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre-zero",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-source",
"binary_version": "21.0.2+13-1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-21",
"purl": "pkg:deb/ubuntu/openjdk-21@21.0.2+13-1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.0.2+13-1~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"21.0.1+12-2~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~22.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u302-b08-0ubuntu2",
"8u312-b07-0ubuntu1",
"8u342-b07-0ubuntu1~22.04",
"8u352-ga-1~22.04",
"8u362-ga-0ubuntu1~22.04",
"8u372-ga~us1-0ubuntu1~22.04",
"8u382-ga-1~22.04.1",
"8u392-ga-1~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.12+7-0ubuntu3",
"11.0.13+8-0ubuntu1",
"11.0.14+9-0ubuntu2",
"11.0.14.1+1-0ubuntu1",
"11.0.15+10-0ubuntu0.22.04.1",
"11.0.16+8-0ubuntu1~22.04",
"11.0.17+8-1ubuntu2~22.04",
"11.0.18+10-0ubuntu1~22.04",
"11.0.19+7~us1-0ubuntu1~22.04.1",
"11.0.20+8-1ubuntu1~22.04",
"11.0.20.1+1-0ubuntu1~22.04",
"11.0.21+9-0ubuntu1~22.04"
]
}
],
"aliases": [],
"details": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"id": "UBUNTU-CVE-2024-20921",
"modified": "2025-12-02T05:09:59Z",
"published": "2024-02-17T02:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20921"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6660-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6661-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6662-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6696-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7096-1"
}
],
"related": [
"USN-6660-1",
"USN-6661-1",
"USN-6662-1",
"USN-6696-1",
"USN-7096-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2024-20921"
]
}
ubuntu-cve-2024-20926
Vulnerability from osv_ubuntu
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-jamvm",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u432-ga~us1-0ubuntu2~16.04.4?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u432-ga~us1-0ubuntu2~16.04.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u66-b01-5",
"8u72-b05-1ubuntu1",
"8u72-b05-5",
"8u72-b05-6",
"8u72-b15-1",
"8u72-b15-2ubuntu1",
"8u72-b15-2ubuntu3",
"8u72-b15-3ubuntu1",
"8u77-b03-1ubuntu2",
"8u77-b03-3ubuntu1",
"8u77-b03-3ubuntu2",
"8u77-b03-3ubuntu3",
"8u91-b14-0ubuntu4~16.04.1",
"8u91-b14-3ubuntu1~16.04.1",
"8u111-b14-2ubuntu0.16.04.2",
"8u121-b13-0ubuntu1.16.04.2",
"8u131-b11-0ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.3",
"8u151-b12-0ubuntu0.16.04.2",
"8u162-b12-0ubuntu0.16.04.2",
"8u171-b11-0ubuntu0.16.04.1",
"8u181-b13-0ubuntu0.16.04.1",
"8u181-b13-1ubuntu0.16.04.1",
"8u191-b12-0ubuntu0.16.04.1",
"8u191-b12-2ubuntu0.16.04.1",
"8u212-b03-0ubuntu1.16.04.1",
"8u222-b10-1ubuntu1~16.04.1",
"8u232-b09-0ubuntu1~16.04.1",
"8u242-b08-0ubuntu3~16.04",
"8u252-b09-1~16.04",
"8u265-b01-0ubuntu2~16.04",
"8u272-b10-0ubuntu1~16.04",
"8u275-b01-0ubuntu1~16.04",
"8u282-b08-0ubuntu1~16.04",
"8u292-b10-0ubuntu1~16.04.1",
"8u312-b07-0ubuntu1~16.04",
"8u342-b07-0ubuntu1~16.04",
"8u352-ga-1~16.04",
"8u362-ga-0ubuntu1~16.04.1",
"8u372-ga~us1-0ubuntu1~16.04",
"8u382-ga-1~16.04.1",
"8u392-ga-1~16.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-9-demo",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-source",
"binary_version": "9~b114-0ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "openjdk-9",
"purl": "pkg:deb/ubuntu/openjdk-9@9~b114-0ubuntu1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9~b88-1",
"9~b101-2ubuntu2",
"9~b102-1",
"9~b113-0ubuntu1",
"9~b114-0ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.0.4+12-2ubuntu4",
"9.0.4+12-4ubuntu1",
"10~46-4ubuntu1",
"10~46-5ubuntu1",
"10.0.1+10-1ubuntu2",
"10.0.1+10-3ubuntu1",
"10.0.2+13-1ubuntu0.18.04.1",
"10.0.2+13-1ubuntu0.18.04.2",
"10.0.2+13-1ubuntu0.18.04.3",
"10.0.2+13-1ubuntu0.18.04.4",
"11.0.2+9-3ubuntu1~18.04.3",
"11.0.3+7-1ubuntu2~18.04.1",
"11.0.4+11-1ubuntu2~18.04.3",
"11.0.5+10-0ubuntu1.1~18.04",
"11.0.6+10-1ubuntu1~18.04.1",
"11.0.7+10-2ubuntu2~18.04",
"11.0.8+10-0ubuntu1~18.04.1",
"11.0.9+11-0ubuntu1~18.04.1",
"11.0.9.1+1-0ubuntu1~18.04",
"11.0.10+9-0ubuntu1~18.04",
"11.0.11+9-0ubuntu2~18.04",
"11.0.13+8-0ubuntu1~18.04",
"11.0.14+9-0ubuntu2~18.04",
"11.0.14.1+1-0ubuntu1~18.04",
"11.0.15+10-0ubuntu0.18.04.1",
"11.0.16+8-0ubuntu1~18.04",
"11.0.17+8-1ubuntu2~18.04",
"11.0.18+10-0ubuntu1~18.04.1",
"11.0.19+7~us1-0ubuntu1~18.04.1",
"11.0.20+8-1ubuntu1~18.04",
"11.0.20.1+1-0ubuntu1~18.04",
"11.0.21+9-0ubuntu1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~18.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~18.04?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~18.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u144-b01-2",
"8u151-b12-1",
"8u162-b12-1",
"8u171-b11-0ubuntu0.18.04.1",
"8u181-b13-0ubuntu0.18.04.1",
"8u181-b13-1ubuntu0.18.04.1",
"8u191-b12-0ubuntu0.18.04.1",
"8u191-b12-2ubuntu0.18.04.1",
"8u212-b03-0ubuntu1.18.04.1",
"8u222-b10-1ubuntu1~18.04.1",
"8u232-b09-0ubuntu1~18.04.1",
"8u242-b08-0ubuntu3~18.04",
"8u252-b09-1~18.04",
"8u265-b01-0ubuntu2~18.04",
"8u272-b10-0ubuntu1~18.04",
"8u275-b01-0ubuntu1~18.04",
"8u282-b08-0ubuntu1~18.04",
"8u292-b10-0ubuntu1~18.04",
"8u312-b07-0ubuntu1~18.04",
"8u342-b07-0ubuntu1~18.04",
"8u352-ga-1~18.04",
"8u362-ga-0ubuntu1~18.04.1",
"8u372-ga~us1-0ubuntu1~18.04",
"8u382-ga-1~18.04.1",
"8u392-ga-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~20.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u232-b09-0ubuntu1",
"8u232-b09-1",
"8u242-b04-1",
"8u242-b08-0ubuntu3",
"8u252-b07-1",
"8u252-b09-1ubuntu1",
"8u265-b01-0ubuntu2~20.04",
"8u272-b10-0ubuntu1~20.04",
"8u275-b01-0ubuntu1~20.04",
"8u282-b08-0ubuntu1~20.04",
"8u292-b10-0ubuntu1~20.04",
"8u312-b07-0ubuntu1~20.04",
"8u342-b07-0ubuntu1~20.04",
"8u352-ga-1~20.04",
"8u362-ga-0ubuntu1~20.04.1",
"8u372-ga~us1-0ubuntu1~20.04",
"8u382-ga-1~20.04.1",
"8u392-ga-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.5+10-0ubuntu1",
"11.0.5+10-2ubuntu1",
"11.0.6+10-1ubuntu1",
"11.0.6+10-2ubuntu2",
"11.0.7+9-1ubuntu1",
"11.0.7+10-2ubuntu1",
"11.0.7+10-3ubuntu1",
"11.0.8+10-0ubuntu1~20.04",
"11.0.9+11-0ubuntu1~20.04",
"11.0.9.1+1-0ubuntu1~20.04",
"11.0.10+9-0ubuntu1~20.04",
"11.0.11+9-0ubuntu2~20.04",
"11.0.13+8-0ubuntu1~20.04",
"11.0.14+9-0ubuntu2~20.04",
"11.0.14.1+1-0ubuntu1~20.04",
"11.0.15+10-0ubuntu0.20.04.1",
"11.0.16+8-0ubuntu1~20.04",
"11.0.17+8-1ubuntu2~20.04",
"11.0.18+10-0ubuntu1~20.04.1",
"11.0.19+7~us1-0ubuntu1~20.04.1",
"11.0.20+8-1ubuntu1~20.04",
"11.0.20.1+1-0ubuntu1~20.04",
"11.0.21+9-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-13-demo",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-zero",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-source",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-13",
"purl": "pkg:deb/ubuntu/openjdk-13@13.0.7+5-0ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"13+33-1",
"13.0.1+9-2",
"13.0.2+8-1",
"13.0.2+8-2",
"13.0.3+3-1ubuntu2",
"13.0.4+8-1~20.04",
"13.0.7+5-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-16-demo",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-zero",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-source",
"binary_version": "16.0.1+9-1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-16",
"purl": "pkg:deb/ubuntu/openjdk-16@16.0.1+9-1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"16.0.1+9-1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-18-demo",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-zero",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-source",
"binary_version": "18.0.2+9-2~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-18",
"purl": "pkg:deb/ubuntu/openjdk-18@18.0.2+9-2~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"18~15ea-4",
"18~20ea-1",
"18~32ea-1",
"18~36ea-1",
"18.0.2+9-2~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~22.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u302-b08-0ubuntu2",
"8u312-b07-0ubuntu1",
"8u342-b07-0ubuntu1~22.04",
"8u352-ga-1~22.04",
"8u362-ga-0ubuntu1~22.04",
"8u372-ga~us1-0ubuntu1~22.04",
"8u382-ga-1~22.04.1",
"8u392-ga-1~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.12+7-0ubuntu3",
"11.0.13+8-0ubuntu1",
"11.0.14+9-0ubuntu2",
"11.0.14.1+1-0ubuntu1",
"11.0.15+10-0ubuntu0.22.04.1",
"11.0.16+8-0ubuntu1~22.04",
"11.0.17+8-1ubuntu2~22.04",
"11.0.18+10-0ubuntu1~22.04",
"11.0.19+7~us1-0ubuntu1~22.04.1",
"11.0.20+8-1ubuntu1~22.04",
"11.0.20.1+1-0ubuntu1~22.04",
"11.0.21+9-0ubuntu1~22.04"
]
}
],
"aliases": [],
"details": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"id": "UBUNTU-CVE-2024-20926",
"modified": "2025-12-02T05:09:59Z",
"published": "2024-01-16T22:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20926"
},
{
"type": "REPORT",
"url": "https://www.oracle.com/security-alerts/cpujan2024.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6660-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6696-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7096-1"
}
],
"related": [
"USN-6660-1",
"USN-6696-1",
"USN-7096-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2024-20926"
]
}
ubuntu-cve-2024-20945
Vulnerability from osv_ubuntu
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-jamvm",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u432-ga~us1-0ubuntu2~16.04.4?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u432-ga~us1-0ubuntu2~16.04.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u66-b01-5",
"8u72-b05-1ubuntu1",
"8u72-b05-5",
"8u72-b05-6",
"8u72-b15-1",
"8u72-b15-2ubuntu1",
"8u72-b15-2ubuntu3",
"8u72-b15-3ubuntu1",
"8u77-b03-1ubuntu2",
"8u77-b03-3ubuntu1",
"8u77-b03-3ubuntu2",
"8u77-b03-3ubuntu3",
"8u91-b14-0ubuntu4~16.04.1",
"8u91-b14-3ubuntu1~16.04.1",
"8u111-b14-2ubuntu0.16.04.2",
"8u121-b13-0ubuntu1.16.04.2",
"8u131-b11-0ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.3",
"8u151-b12-0ubuntu0.16.04.2",
"8u162-b12-0ubuntu0.16.04.2",
"8u171-b11-0ubuntu0.16.04.1",
"8u181-b13-0ubuntu0.16.04.1",
"8u181-b13-1ubuntu0.16.04.1",
"8u191-b12-0ubuntu0.16.04.1",
"8u191-b12-2ubuntu0.16.04.1",
"8u212-b03-0ubuntu1.16.04.1",
"8u222-b10-1ubuntu1~16.04.1",
"8u232-b09-0ubuntu1~16.04.1",
"8u242-b08-0ubuntu3~16.04",
"8u252-b09-1~16.04",
"8u265-b01-0ubuntu2~16.04",
"8u272-b10-0ubuntu1~16.04",
"8u275-b01-0ubuntu1~16.04",
"8u282-b08-0ubuntu1~16.04",
"8u292-b10-0ubuntu1~16.04.1",
"8u312-b07-0ubuntu1~16.04",
"8u342-b07-0ubuntu1~16.04",
"8u352-ga-1~16.04",
"8u362-ga-0ubuntu1~16.04.1",
"8u372-ga~us1-0ubuntu1~16.04",
"8u382-ga-1~16.04.1",
"8u392-ga-1~16.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-9-demo",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-source",
"binary_version": "9~b114-0ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "openjdk-9",
"purl": "pkg:deb/ubuntu/openjdk-9@9~b114-0ubuntu1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9~b88-1",
"9~b101-2ubuntu2",
"9~b102-1",
"9~b113-0ubuntu1",
"9~b114-0ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.0.4+12-2ubuntu4",
"9.0.4+12-4ubuntu1",
"10~46-4ubuntu1",
"10~46-5ubuntu1",
"10.0.1+10-1ubuntu2",
"10.0.1+10-3ubuntu1",
"10.0.2+13-1ubuntu0.18.04.1",
"10.0.2+13-1ubuntu0.18.04.2",
"10.0.2+13-1ubuntu0.18.04.3",
"10.0.2+13-1ubuntu0.18.04.4",
"11.0.2+9-3ubuntu1~18.04.3",
"11.0.3+7-1ubuntu2~18.04.1",
"11.0.4+11-1ubuntu2~18.04.3",
"11.0.5+10-0ubuntu1.1~18.04",
"11.0.6+10-1ubuntu1~18.04.1",
"11.0.7+10-2ubuntu2~18.04",
"11.0.8+10-0ubuntu1~18.04.1",
"11.0.9+11-0ubuntu1~18.04.1",
"11.0.9.1+1-0ubuntu1~18.04",
"11.0.10+9-0ubuntu1~18.04",
"11.0.11+9-0ubuntu2~18.04",
"11.0.13+8-0ubuntu1~18.04",
"11.0.14+9-0ubuntu2~18.04",
"11.0.14.1+1-0ubuntu1~18.04",
"11.0.15+10-0ubuntu0.18.04.1",
"11.0.16+8-0ubuntu1~18.04",
"11.0.17+8-1ubuntu2~18.04",
"11.0.18+10-0ubuntu1~18.04.1",
"11.0.19+7~us1-0ubuntu1~18.04.1",
"11.0.20+8-1ubuntu1~18.04",
"11.0.20.1+1-0ubuntu1~18.04",
"11.0.21+9-0ubuntu1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~18.04.1?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1~18.04",
"17.0.1+12-1~18.04",
"17.0.2+8-1~18.04",
"17.0.3+7-0ubuntu0.18.04.1",
"17.0.4+8-1~18.04",
"17.0.5+8-2ubuntu1~18.04",
"17.0.6+10-0ubuntu1~18.04.1",
"17.0.7+7~us1-0ubuntu1~18.04",
"17.0.8+7-1~18.04",
"17.0.8.1+1~us1-0ubuntu1~18.04",
"17.0.9+9-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~18.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~18.04?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~18.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u144-b01-2",
"8u151-b12-1",
"8u162-b12-1",
"8u171-b11-0ubuntu0.18.04.1",
"8u181-b13-0ubuntu0.18.04.1",
"8u181-b13-1ubuntu0.18.04.1",
"8u191-b12-0ubuntu0.18.04.1",
"8u191-b12-2ubuntu0.18.04.1",
"8u212-b03-0ubuntu1.18.04.1",
"8u222-b10-1ubuntu1~18.04.1",
"8u232-b09-0ubuntu1~18.04.1",
"8u242-b08-0ubuntu3~18.04",
"8u252-b09-1~18.04",
"8u265-b01-0ubuntu2~18.04",
"8u272-b10-0ubuntu1~18.04",
"8u275-b01-0ubuntu1~18.04",
"8u282-b08-0ubuntu1~18.04",
"8u292-b10-0ubuntu1~18.04",
"8u312-b07-0ubuntu1~18.04",
"8u342-b07-0ubuntu1~18.04",
"8u352-ga-1~18.04",
"8u362-ga-0ubuntu1~18.04.1",
"8u372-ga~us1-0ubuntu1~18.04",
"8u382-ga-1~18.04.1",
"8u392-ga-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1~20.04",
"17.0.1+12-1~20.04",
"17.0.2+8-1~20.04",
"17.0.3+7-0ubuntu0.20.04.1",
"17.0.4+8-1~20.04",
"17.0.5+8-2ubuntu1~20.04",
"17.0.6+10-0ubuntu1~20.04.1",
"17.0.7+7~us1-0ubuntu1~20.04",
"17.0.8+7-1~20.04.2",
"17.0.8.1+1~us1-0ubuntu1~20.04",
"17.0.9+9-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-21-demo",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jdk",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jdk-headless",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre-headless",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre-zero",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-source",
"binary_version": "21.0.2+13-1~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-21",
"purl": "pkg:deb/ubuntu/openjdk-21@21.0.2+13-1~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.0.2+13-1~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"21.0.1+12-2~20.04.1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~20.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u232-b09-0ubuntu1",
"8u232-b09-1",
"8u242-b04-1",
"8u242-b08-0ubuntu3",
"8u252-b07-1",
"8u252-b09-1ubuntu1",
"8u265-b01-0ubuntu2~20.04",
"8u272-b10-0ubuntu1~20.04",
"8u275-b01-0ubuntu1~20.04",
"8u282-b08-0ubuntu1~20.04",
"8u292-b10-0ubuntu1~20.04",
"8u312-b07-0ubuntu1~20.04",
"8u342-b07-0ubuntu1~20.04",
"8u352-ga-1~20.04",
"8u362-ga-0ubuntu1~20.04.1",
"8u372-ga~us1-0ubuntu1~20.04",
"8u382-ga-1~20.04.1",
"8u392-ga-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.5+10-0ubuntu1",
"11.0.5+10-2ubuntu1",
"11.0.6+10-1ubuntu1",
"11.0.6+10-2ubuntu2",
"11.0.7+9-1ubuntu1",
"11.0.7+10-2ubuntu1",
"11.0.7+10-3ubuntu1",
"11.0.8+10-0ubuntu1~20.04",
"11.0.9+11-0ubuntu1~20.04",
"11.0.9.1+1-0ubuntu1~20.04",
"11.0.10+9-0ubuntu1~20.04",
"11.0.11+9-0ubuntu2~20.04",
"11.0.13+8-0ubuntu1~20.04",
"11.0.14+9-0ubuntu2~20.04",
"11.0.14.1+1-0ubuntu1~20.04",
"11.0.15+10-0ubuntu0.20.04.1",
"11.0.16+8-0ubuntu1~20.04",
"11.0.17+8-1ubuntu2~20.04",
"11.0.18+10-0ubuntu1~20.04.1",
"11.0.19+7~us1-0ubuntu1~20.04.1",
"11.0.20+8-1ubuntu1~20.04",
"11.0.20.1+1-0ubuntu1~20.04",
"11.0.21+9-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-13-demo",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-zero",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-source",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-13",
"purl": "pkg:deb/ubuntu/openjdk-13@13.0.7+5-0ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"13+33-1",
"13.0.1+9-2",
"13.0.2+8-1",
"13.0.2+8-2",
"13.0.3+3-1ubuntu2",
"13.0.4+8-1~20.04",
"13.0.7+5-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-16-demo",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-zero",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-source",
"binary_version": "16.0.1+9-1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-16",
"purl": "pkg:deb/ubuntu/openjdk-16@16.0.1+9-1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"16.0.1+9-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1",
"17.0.1+12-1",
"17.0.2+8-1",
"17.0.3+7-0ubuntu0.22.04.1",
"17.0.4+8-1~22.04",
"17.0.5+8-2ubuntu1~22.04",
"17.0.6+10-0ubuntu1~22.04",
"17.0.7+7~us1-0ubuntu1~22.04.2",
"17.0.8+7-1~22.04",
"17.0.8.1+1~us1-0ubuntu1~22.04",
"17.0.9+9-1~22.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-18-demo",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-zero",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-source",
"binary_version": "18.0.2+9-2~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-18",
"purl": "pkg:deb/ubuntu/openjdk-18@18.0.2+9-2~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"18~15ea-4",
"18~20ea-1",
"18~32ea-1",
"18~36ea-1",
"18.0.2+9-2~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-21-demo",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jdk",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jdk-headless",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre-headless",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre-zero",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-source",
"binary_version": "21.0.2+13-1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-21",
"purl": "pkg:deb/ubuntu/openjdk-21@21.0.2+13-1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.0.2+13-1~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"21.0.1+12-2~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~22.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u302-b08-0ubuntu2",
"8u312-b07-0ubuntu1",
"8u342-b07-0ubuntu1~22.04",
"8u352-ga-1~22.04",
"8u362-ga-0ubuntu1~22.04",
"8u372-ga~us1-0ubuntu1~22.04",
"8u382-ga-1~22.04.1",
"8u392-ga-1~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.12+7-0ubuntu3",
"11.0.13+8-0ubuntu1",
"11.0.14+9-0ubuntu2",
"11.0.14.1+1-0ubuntu1",
"11.0.15+10-0ubuntu0.22.04.1",
"11.0.16+8-0ubuntu1~22.04",
"11.0.17+8-1ubuntu2~22.04",
"11.0.18+10-0ubuntu1~22.04",
"11.0.19+7~us1-0ubuntu1~22.04.1",
"11.0.20+8-1ubuntu1~22.04",
"11.0.20.1+1-0ubuntu1~22.04",
"11.0.21+9-0ubuntu1~22.04"
]
}
],
"aliases": [],
"details": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).",
"id": "UBUNTU-CVE-2024-20945",
"modified": "2025-12-02T05:09:59Z",
"published": "2024-02-17T02:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20945"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6660-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6661-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6662-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6696-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7096-1"
}
],
"related": [
"USN-6660-1",
"USN-6661-1",
"USN-6662-1",
"USN-6696-1",
"USN-7096-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2024-20945"
]
}
ubuntu-cve-2024-20952
Vulnerability from osv_ubuntu
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
| URL | Type | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"affected": [
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-jamvm",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u432-ga~us1-0ubuntu2~16.04.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u432-ga~us1-0ubuntu2~16.04.4?arch=source\u0026distro=esm-infra/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u432-ga~us1-0ubuntu2~16.04.4"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u66-b01-5",
"8u72-b05-1ubuntu1",
"8u72-b05-5",
"8u72-b05-6",
"8u72-b15-1",
"8u72-b15-2ubuntu1",
"8u72-b15-2ubuntu3",
"8u72-b15-3ubuntu1",
"8u77-b03-1ubuntu2",
"8u77-b03-3ubuntu1",
"8u77-b03-3ubuntu2",
"8u77-b03-3ubuntu3",
"8u91-b14-0ubuntu4~16.04.1",
"8u91-b14-3ubuntu1~16.04.1",
"8u111-b14-2ubuntu0.16.04.2",
"8u121-b13-0ubuntu1.16.04.2",
"8u131-b11-0ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.2",
"8u131-b11-2ubuntu1.16.04.3",
"8u151-b12-0ubuntu0.16.04.2",
"8u162-b12-0ubuntu0.16.04.2",
"8u171-b11-0ubuntu0.16.04.1",
"8u181-b13-0ubuntu0.16.04.1",
"8u181-b13-1ubuntu0.16.04.1",
"8u191-b12-0ubuntu0.16.04.1",
"8u191-b12-2ubuntu0.16.04.1",
"8u212-b03-0ubuntu1.16.04.1",
"8u222-b10-1ubuntu1~16.04.1",
"8u232-b09-0ubuntu1~16.04.1",
"8u242-b08-0ubuntu3~16.04",
"8u252-b09-1~16.04",
"8u265-b01-0ubuntu2~16.04",
"8u272-b10-0ubuntu1~16.04",
"8u275-b01-0ubuntu1~16.04",
"8u282-b08-0ubuntu1~16.04",
"8u292-b10-0ubuntu1~16.04.1",
"8u312-b07-0ubuntu1~16.04",
"8u342-b07-0ubuntu1~16.04",
"8u352-ga-1~16.04",
"8u362-ga-0ubuntu1~16.04.1",
"8u372-ga~us1-0ubuntu1~16.04",
"8u382-ga-1~16.04.1",
"8u392-ga-1~16.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-9-demo",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jdk-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-jre-headless",
"binary_version": "9~b114-0ubuntu1"
},
{
"binary_name": "openjdk-9-source",
"binary_version": "9~b114-0ubuntu1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "openjdk-9",
"purl": "pkg:deb/ubuntu/openjdk-9@9~b114-0ubuntu1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9~b88-1",
"9~b101-2ubuntu2",
"9~b102-1",
"9~b113-0ubuntu1",
"9~b114-0ubuntu1"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"9.0.4+12-2ubuntu4",
"9.0.4+12-4ubuntu1",
"10~46-4ubuntu1",
"10~46-5ubuntu1",
"10.0.1+10-1ubuntu2",
"10.0.1+10-3ubuntu1",
"10.0.2+13-1ubuntu0.18.04.1",
"10.0.2+13-1ubuntu0.18.04.2",
"10.0.2+13-1ubuntu0.18.04.3",
"10.0.2+13-1ubuntu0.18.04.4",
"11.0.2+9-3ubuntu1~18.04.3",
"11.0.3+7-1ubuntu2~18.04.1",
"11.0.4+11-1ubuntu2~18.04.3",
"11.0.5+10-0ubuntu1.1~18.04",
"11.0.6+10-1ubuntu1~18.04.1",
"11.0.7+10-2ubuntu2~18.04",
"11.0.8+10-0ubuntu1~18.04.1",
"11.0.9+11-0ubuntu1~18.04.1",
"11.0.9.1+1-0ubuntu1~18.04",
"11.0.10+9-0ubuntu1~18.04",
"11.0.11+9-0ubuntu2~18.04",
"11.0.13+8-0ubuntu1~18.04",
"11.0.14+9-0ubuntu2~18.04",
"11.0.14.1+1-0ubuntu1~18.04",
"11.0.15+10-0ubuntu0.18.04.1",
"11.0.16+8-0ubuntu1~18.04",
"11.0.17+8-1ubuntu2~18.04",
"11.0.18+10-0ubuntu1~18.04.1",
"11.0.19+7~us1-0ubuntu1~18.04.1",
"11.0.20+8-1ubuntu1~18.04",
"11.0.20.1+1-0ubuntu1~18.04",
"11.0.21+9-0ubuntu1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~18.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~18.04.1?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~18.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1~18.04",
"17.0.1+12-1~18.04",
"17.0.2+8-1~18.04",
"17.0.3+7-0ubuntu0.18.04.1",
"17.0.4+8-1~18.04",
"17.0.5+8-2ubuntu1~18.04",
"17.0.6+10-0ubuntu1~18.04.1",
"17.0.7+7~us1-0ubuntu1~18.04",
"17.0.8+7-1~18.04",
"17.0.8.1+1~us1-0ubuntu1~18.04",
"17.0.9+9-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~18.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~18.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~18.04?arch=source\u0026distro=esm-apps/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~18.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u144-b01-2",
"8u151-b12-1",
"8u162-b12-1",
"8u171-b11-0ubuntu0.18.04.1",
"8u181-b13-0ubuntu0.18.04.1",
"8u181-b13-1ubuntu0.18.04.1",
"8u191-b12-0ubuntu0.18.04.1",
"8u191-b12-2ubuntu0.18.04.1",
"8u212-b03-0ubuntu1.18.04.1",
"8u222-b10-1ubuntu1~18.04.1",
"8u232-b09-0ubuntu1~18.04.1",
"8u242-b08-0ubuntu3~18.04",
"8u252-b09-1~18.04",
"8u265-b01-0ubuntu2~18.04",
"8u272-b10-0ubuntu1~18.04",
"8u275-b01-0ubuntu1~18.04",
"8u282-b08-0ubuntu1~18.04",
"8u292-b10-0ubuntu1~18.04",
"8u312-b07-0ubuntu1~18.04",
"8u342-b07-0ubuntu1~18.04",
"8u352-ga-1~18.04",
"8u362-ga-0ubuntu1~18.04.1",
"8u372-ga~us1-0ubuntu1~18.04",
"8u382-ga-1~18.04.1",
"8u392-ga-1~18.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~20.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1~20.04",
"17.0.1+12-1~20.04",
"17.0.2+8-1~20.04",
"17.0.3+7-0ubuntu0.20.04.1",
"17.0.4+8-1~20.04",
"17.0.5+8-2ubuntu1~20.04",
"17.0.6+10-0ubuntu1~20.04.1",
"17.0.7+7~us1-0ubuntu1~20.04",
"17.0.8+7-1~20.04.2",
"17.0.8.1+1~us1-0ubuntu1~20.04",
"17.0.9+9-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-21-demo",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jdk",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jdk-headless",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre-headless",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-jre-zero",
"binary_version": "21.0.2+13-1~20.04.1"
},
{
"binary_name": "openjdk-21-source",
"binary_version": "21.0.2+13-1~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-21",
"purl": "pkg:deb/ubuntu/openjdk-21@21.0.2+13-1~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.0.2+13-1~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"21.0.1+12-2~20.04.1"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~20.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~20.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u232-b09-0ubuntu1",
"8u232-b09-1",
"8u242-b04-1",
"8u242-b08-0ubuntu3",
"8u252-b07-1",
"8u252-b09-1ubuntu1",
"8u265-b01-0ubuntu2~20.04",
"8u272-b10-0ubuntu1~20.04",
"8u275-b01-0ubuntu1~20.04",
"8u282-b08-0ubuntu1~20.04",
"8u292-b10-0ubuntu1~20.04",
"8u312-b07-0ubuntu1~20.04",
"8u342-b07-0ubuntu1~20.04",
"8u352-ga-1~20.04",
"8u362-ga-0ubuntu1~20.04.1",
"8u372-ga~us1-0ubuntu1~20.04",
"8u382-ga-1~20.04.1",
"8u392-ga-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~20.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.5+10-0ubuntu1",
"11.0.5+10-2ubuntu1",
"11.0.6+10-1ubuntu1",
"11.0.6+10-2ubuntu2",
"11.0.7+9-1ubuntu1",
"11.0.7+10-2ubuntu1",
"11.0.7+10-3ubuntu1",
"11.0.8+10-0ubuntu1~20.04",
"11.0.9+11-0ubuntu1~20.04",
"11.0.9.1+1-0ubuntu1~20.04",
"11.0.10+9-0ubuntu1~20.04",
"11.0.11+9-0ubuntu2~20.04",
"11.0.13+8-0ubuntu1~20.04",
"11.0.14+9-0ubuntu2~20.04",
"11.0.14.1+1-0ubuntu1~20.04",
"11.0.15+10-0ubuntu0.20.04.1",
"11.0.16+8-0ubuntu1~20.04",
"11.0.17+8-1ubuntu2~20.04",
"11.0.18+10-0ubuntu1~20.04.1",
"11.0.19+7~us1-0ubuntu1~20.04.1",
"11.0.20+8-1ubuntu1~20.04",
"11.0.20.1+1-0ubuntu1~20.04",
"11.0.21+9-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-13-demo",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jdk-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-headless",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-jre-zero",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
},
{
"binary_name": "openjdk-13-source",
"binary_version": "13.0.7+5-0ubuntu1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-13",
"purl": "pkg:deb/ubuntu/openjdk-13@13.0.7+5-0ubuntu1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"13+33-1",
"13.0.1+9-2",
"13.0.2+8-1",
"13.0.2+8-2",
"13.0.3+3-1ubuntu2",
"13.0.4+8-1~20.04",
"13.0.7+5-0ubuntu1~20.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-16-demo",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jdk-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-headless",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-jre-zero",
"binary_version": "16.0.1+9-1~20.04"
},
{
"binary_name": "openjdk-16-source",
"binary_version": "16.0.1+9-1~20.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "openjdk-16",
"purl": "pkg:deb/ubuntu/openjdk-16@16.0.1+9-1~20.04?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"16.0.1+9-1~20.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-17-demo",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jdk",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jdk-headless",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre-headless",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-jre-zero",
"binary_version": "17.0.10+7-1~22.04.1"
},
{
"binary_name": "openjdk-17-source",
"binary_version": "17.0.10+7-1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-17",
"purl": "pkg:deb/ubuntu/openjdk-17@17.0.10+7-1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.0.10+7-1~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"17+35-1",
"17.0.1+12-1",
"17.0.2+8-1",
"17.0.3+7-0ubuntu0.22.04.1",
"17.0.4+8-1~22.04",
"17.0.5+8-2ubuntu1~22.04",
"17.0.6+10-0ubuntu1~22.04",
"17.0.7+7~us1-0ubuntu1~22.04.2",
"17.0.8+7-1~22.04",
"17.0.8.1+1~us1-0ubuntu1~22.04",
"17.0.9+9-1~22.04"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "openjdk-18-demo",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jdk-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-headless",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-jre-zero",
"binary_version": "18.0.2+9-2~22.04"
},
{
"binary_name": "openjdk-18-source",
"binary_version": "18.0.2+9-2~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-18",
"purl": "pkg:deb/ubuntu/openjdk-18@18.0.2+9-2~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"18~15ea-4",
"18~20ea-1",
"18~32ea-1",
"18~36ea-1",
"18.0.2+9-2~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-21-demo",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jdk",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jdk-headless",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre-headless",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-jre-zero",
"binary_version": "21.0.2+13-1~22.04.1"
},
{
"binary_name": "openjdk-21-source",
"binary_version": "21.0.2+13-1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-21",
"purl": "pkg:deb/ubuntu/openjdk-21@21.0.2+13-1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "21.0.2+13-1~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"21.0.1+12-2~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-8-demo",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jdk-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-headless",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-jre-zero",
"binary_version": "8u402-ga-2ubuntu1~22.04"
},
{
"binary_name": "openjdk-8-source",
"binary_version": "8u402-ga-2ubuntu1~22.04"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-8",
"purl": "pkg:deb/ubuntu/openjdk-8@8u402-ga-2ubuntu1~22.04?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8u402-ga-2ubuntu1~22.04"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"8u302-b08-0ubuntu2",
"8u312-b07-0ubuntu1",
"8u342-b07-0ubuntu1~22.04",
"8u352-ga-1~22.04",
"8u362-ga-0ubuntu1~22.04",
"8u372-ga~us1-0ubuntu1~22.04",
"8u382-ga-1~22.04.1",
"8u392-ga-1~22.04"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "openjdk-11-demo",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jdk-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-headless",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-jre-zero",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
},
{
"binary_name": "openjdk-11-source",
"binary_version": "11.0.22+7-0ubuntu2~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "openjdk-lts",
"purl": "pkg:deb/ubuntu/openjdk-lts@11.0.22+7-0ubuntu2~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "11.0.22+7-0ubuntu2~22.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"11.0.12+7-0ubuntu3",
"11.0.13+8-0ubuntu1",
"11.0.14+9-0ubuntu2",
"11.0.14.1+1-0ubuntu1",
"11.0.15+10-0ubuntu0.22.04.1",
"11.0.16+8-0ubuntu1~22.04",
"11.0.17+8-1ubuntu2~22.04",
"11.0.18+10-0ubuntu1~22.04",
"11.0.19+7~us1-0ubuntu1~22.04.1",
"11.0.20+8-1ubuntu1~22.04",
"11.0.20.1+1-0ubuntu1~22.04",
"11.0.21+9-0ubuntu1~22.04"
]
}
],
"aliases": [],
"details": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
"id": "UBUNTU-CVE-2024-20952",
"modified": "2025-12-02T05:09:59Z",
"published": "2024-01-16T22:15:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2024-20952"
},
{
"type": "REPORT",
"url": "https://www.oracle.com/security-alerts/cpujan2024.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6660-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6661-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6662-1"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-6696-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-7096-1"
}
],
"related": [
"USN-6660-1",
"USN-6661-1",
"USN-6662-1",
"USN-6696-1",
"USN-7096-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2024-20952"
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.