{"id":"USN-4337-1","summary":"openjdk-8, openjdk-lts vulnerabilities","details":"It was discovered that OpenJDK incorrectly handled certain regular\nexpressions. An attacker could possibly use this issue to cause a denial of\nservice while processing a specially crafted regular expression.\n(CVE-2020-2754, CVE-2020-2755)\n\nIt was discovered that OpenJDK incorrectly handled class descriptors and\ncatching exceptions during object stream deserialization. An attacker could\npossibly use this issue to cause a denial of service while processing a\nspecially crafted serialized input. (CVE-2020-2756, CVE-2020-2757)\n\nBengt Jonsson, Juraj Somorovsky, Kostis Sagonas, Paul Fiterau Brostean and\nRobert Merget discovered that OpenJDK incorrectly handled certificate messages\nduring TLS handshake. An attacker could possibly use this issue to bypass\ncertificate verification and insert, edit or obtain sensitive information. This\nissue only affected OpenJDK 11. (CVE-2020-2767)\n\nIt was discovered that OpenJDK incorrectly handled exceptions thrown by\nunmarshalKeyInfo() and unmarshalXMLSignature(). An attacker could possibly use\nthis issue to cause a denial of service while reading key info or XML signature\ndata from XML input. (CVE-2020-2773)\n\nPeter Dettman discovered that OpenJDK incorrectly handled SSLParameters in\nsetAlgorithmConstraints(). An attacker could possibly use this issue to\noverride the defined systems security policy and lead to the use of weak\ncrypto algorithms that should be disabled. This issue only affected\nOpenJDK 11. (CVE-2020-2778)\n\nSimone Bordet discovered that OpenJDK incorrectly re-used single null TLS\nsessions for new TLS connections. A remote attacker could possibly use this\nissue to cause a denial of service. (CVE-2020-2781)\n\nDan Amodio discovered that OpenJDK did not restrict the use of CR and LF\ncharacters in values for HTTP headers. An attacker could possibly use this\nissue to insert, edit or obtain sensitive information. (CVE-2020-2800)\n\nNils Emmerich discovered that OpenJDK incorrectly checked boundaries or\nargument types. An attacker could possibly use this issue to bypass sandbox\nrestrictions causing unspecified impact. (CVE-2020-2803, CVE-2020-2805)\n\nIt was discovered that OpenJDK incorrectly handled application data packets\nduring TLS handshake. An attacker could possibly use this issue to insert,\nedit or obtain sensitive information. This issue only affected OpenJDK 11.\n(CVE-2020-2816)\n\nIt was discovered that OpenJDK incorrectly handled certain regular\nexpressions. An attacker could possibly use this issue to cause a denial of\nservice. (CVE-2020-2830)\n","modified":"2026-02-10T04:41:48Z","published":"2020-04-22T15:32:45Z","related":["UBUNTU-CVE-2020-2754","UBUNTU-CVE-2020-2755","UBUNTU-CVE-2020-2756","UBUNTU-CVE-2020-2757","UBUNTU-CVE-2020-2767","UBUNTU-CVE-2020-2773","UBUNTU-CVE-2020-2778","UBUNTU-CVE-2020-2781","UBUNTU-CVE-2020-2800","UBUNTU-CVE-2020-2803","UBUNTU-CVE-2020-2805","UBUNTU-CVE-2020-2816","UBUNTU-CVE-2020-2830"],"upstream":["CVE-2020-2754","CVE-2020-2755","CVE-2020-2756","CVE-2020-2757","CVE-2020-2767","CVE-2020-2773","CVE-2020-2778","CVE-2020-2781","CVE-2020-2800","CVE-2020-2803","CVE-2020-2805","CVE-2020-2816","CVE-2020-2830","UBUNTU-CVE-2020-2754","UBUNTU-CVE-2020-2755","UBUNTU-CVE-2020-2756","UBUNTU-CVE-2020-2757","UBUNTU-CVE-2020-2767","UBUNTU-CVE-2020-2773","UBUNTU-CVE-2020-2778","UBUNTU-CVE-2020-2781","UBUNTU-CVE-2020-2800","UBUNTU-CVE-2020-2803","UBUNTU-CVE-2020-2805","UBUNTU-CVE-2020-2816","UBUNTU-CVE-2020-2830"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4337-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2754"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2755"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2756"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2757"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2767"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2773"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2778"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2781"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2800"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2803"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2805"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2816"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-2830"}],"affected":[{"package":{"name":"openjdk-8","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/openjdk-8@8u252-b09-1~16.04?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8u252-b09-1~16.04"}]}],"versions":["8u66-b01-5","8u72-b05-1ubuntu1","8u72-b05-5","8u72-b05-6","8u72-b15-1","8u72-b15-2ubuntu1","8u72-b15-2ubuntu3","8u72-b15-3ubuntu1","8u77-b03-1ubuntu2","8u77-b03-3ubuntu1","8u77-b03-3ubuntu2","8u77-b03-3ubuntu3","8u91-b14-0ubuntu4~16.04.1","8u91-b14-3ubuntu1~16.04.1","8u111-b14-2ubuntu0.16.04.2","8u121-b13-0ubuntu1.16.04.2","8u131-b11-0ubuntu1.16.04.2","8u131-b11-2ubuntu1.16.04.2","8u131-b11-2ubuntu1.16.04.3","8u151-b12-0ubuntu0.16.04.2","8u162-b12-0ubuntu0.16.04.2","8u171-b11-0ubuntu0.16.04.1","8u181-b13-0ubuntu0.16.04.1","8u181-b13-1ubuntu0.16.04.1","8u191-b12-0ubuntu0.16.04.1","8u191-b12-2ubuntu0.16.04.1","8u212-b03-0ubuntu1.16.04.1","8u222-b10-1ubuntu1~16.04.1","8u232-b09-0ubuntu1~16.04.1","8u242-b08-0ubuntu3~16.04"],"ecosystem_specific":{"binaries":[{"binary_version":"8u252-b09-1~16.04","binary_name":"openjdk-8-demo"},{"binary_version":"8u252-b09-1~16.04","binary_name":"openjdk-8-jdk"},{"binary_version":"8u252-b09-1~16.04","binary_name":"openjdk-8-jdk-headless"},{"binary_version":"8u252-b09-1~16.04","binary_name":"openjdk-8-jre"},{"binary_version":"8u252-b09-1~16.04","binary_name":"openjdk-8-jre-headless"},{"binary_version":"8u252-b09-1~16.04","binary_name":"openjdk-8-jre-jamvm"},{"binary_version":"8u252-b09-1~16.04","binary_name":"openjdk-8-jre-zero"},{"binary_version":"8u252-b09-1~16.04","binary_name":"openjdk-8-source"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4337-1.json","cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"id":"CVE-2020-2754","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2755","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2756","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2757","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2773","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2781","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2800","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2803","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2805","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2830","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"openjdk-8","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/openjdk-8@8u252-b09-1~18.04?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8u252-b09-1~18.04"}]}],"versions":["8u144-b01-2","8u151-b12-1","8u162-b12-1","8u171-b11-0ubuntu0.18.04.1","8u181-b13-0ubuntu0.18.04.1","8u181-b13-1ubuntu0.18.04.1","8u191-b12-0ubuntu0.18.04.1","8u191-b12-2ubuntu0.18.04.1","8u212-b03-0ubuntu1.18.04.1","8u222-b10-1ubuntu1~18.04.1","8u232-b09-0ubuntu1~18.04.1","8u242-b08-0ubuntu3~18.04"],"ecosystem_specific":{"binaries":[{"binary_version":"8u252-b09-1~18.04","binary_name":"openjdk-8-demo"},{"binary_version":"8u252-b09-1~18.04","binary_name":"openjdk-8-jdk"},{"binary_version":"8u252-b09-1~18.04","binary_name":"openjdk-8-jdk-headless"},{"binary_version":"8u252-b09-1~18.04","binary_name":"openjdk-8-jre"},{"binary_version":"8u252-b09-1~18.04","binary_name":"openjdk-8-jre-headless"},{"binary_version":"8u252-b09-1~18.04","binary_name":"openjdk-8-jre-zero"},{"binary_version":"8u252-b09-1~18.04","binary_name":"openjdk-8-source"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4337-1.json","cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2020-2754","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2755","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2756","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2757","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2767","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2773","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2778","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2781","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2800","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2803","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2805","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2816","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2830","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"openjdk-lts","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/openjdk-lts@11.0.7+10-2ubuntu2~18.04?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"11.0.7+10-2ubuntu2~18.04"}]}],"versions":["9.0.4+12-2ubuntu4","9.0.4+12-4ubuntu1","10~46-4ubuntu1","10~46-5ubuntu1","10.0.1+10-1ubuntu2","10.0.1+10-3ubuntu1","10.0.2+13-1ubuntu0.18.04.1","10.0.2+13-1ubuntu0.18.04.2","10.0.2+13-1ubuntu0.18.04.3","10.0.2+13-1ubuntu0.18.04.4","11.0.2+9-3ubuntu1~18.04.3","11.0.3+7-1ubuntu2~18.04.1","11.0.4+11-1ubuntu2~18.04.3","11.0.5+10-0ubuntu1.1~18.04","11.0.6+10-1ubuntu1~18.04.1"],"ecosystem_specific":{"binaries":[{"binary_version":"11.0.7+10-2ubuntu2~18.04","binary_name":"openjdk-11-demo"},{"binary_version":"11.0.7+10-2ubuntu2~18.04","binary_name":"openjdk-11-jdk"},{"binary_version":"11.0.7+10-2ubuntu2~18.04","binary_name":"openjdk-11-jdk-headless"},{"binary_version":"11.0.7+10-2ubuntu2~18.04","binary_name":"openjdk-11-jre"},{"binary_version":"11.0.7+10-2ubuntu2~18.04","binary_name":"openjdk-11-jre-headless"},{"binary_version":"11.0.7+10-2ubuntu2~18.04","binary_name":"openjdk-11-jre-zero"},{"binary_version":"11.0.7+10-2ubuntu2~18.04","binary_name":"openjdk-11-source"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4337-1.json","cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2020-2754","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2755","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2756","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2757","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2767","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2773","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2778","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2781","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2020-2800","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2803","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2805","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2816","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2020-2830","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}}],"schema_version":"1.7.3"}