{"id":"USN-5313-1","summary":"openjdk-lts, openjdk-17 vulnerabilities","details":"It was discovered that OpenJDK incorrectly handled deserialization filters.\nAn attacker could possibly use this issue to insert, delete or obtain\nsensitive information. (CVE-2022-21248)\n\nIt was discovered that OpenJDK incorrectly read uncompressed TIFF files.\nAn attacker could possibly use this issue to cause a denial of service via\na specially crafted TIFF file. (CVE-2022-21277)\n\nJonni Passki discovered that OpenJDK incorrectly verified access\nrestrictions when performing URI resolution. An attacker could possibly\nuse this issue to obtain sensitive information. (CVE-2022-21282)\n\nIt was discovered that OpenJDK incorrectly handled certain regular\nexpressions in the Pattern class implementation. An attacker could\npossibly use this issue to cause a denial of service. (CVE-2022-21283)\n\nIt was discovered that OpenJDK incorrectly handled specially crafted Java\nclass files. An attacker could possibly use this issue to cause a denial\nof service. (CVE-2022-21291)\n\nMarkus Loewe discovered that OpenJDK incorrectly validated attributes\nduring object deserialization. An attacker could possibly use this issue\nto cause a denial of service. (CVE-2022-21293, CVE-2022-21294)\n\nDan Rabe discovered that OpenJDK incorrectly verified access permissions\nin the JAXP component. An attacker could possibly use this to specially\ncraft an XML file to obtain sensitive information. (CVE-2022-21296)\n\nIt was discovered that OpenJDK incorrectly handled XML entities. An\nattacker could use this to specially craft an XML file that, when parsed,\nwould possibly cause a denial of service. (CVE-2022-21299)\n\nZhiqiang Zang discovered that OpenJDK incorrectly handled array indexes.\nAn attacker could possibly use this issue to obtain sensitive information.\n(CVE-2022-21305)\n\nIt was discovered that OpenJDK incorrectly read very long attributes\nvalues in JAR file manifests. An attacker could possibly use this to\nspecially craft JAR file to cause a denial of service. (CVE-2022-21340)\n\nIt was discovered that OpenJDK incorrectly validated input from serialized\nstreams. An attacker cold possibly use this issue to bypass sandbox\nrestrictions. (CVE-2022-21341)\n\nFabian Meumertzheim discovered that OpenJDK incorrectly handled certain\nspecially crafted BMP or TIFF files. An attacker could possibly use this\nto cause a denial of service. (CVE-2022-21360, CVE-2022-21366)\n\nIt was discovered that an integer overflow could be triggered in OpenJDK\nBMPImageReader class implementation. An attacker could possibly use this\nto specially craft a BMP file to cause a denial of service.\n(CVE-2022-21365)\n","modified":"2026-02-10T04:42:30Z","published":"2022-03-07T11:29:10Z","related":["UBUNTU-CVE-2022-21248","UBUNTU-CVE-2022-21277","UBUNTU-CVE-2022-21282","UBUNTU-CVE-2022-21283","UBUNTU-CVE-2022-21291","UBUNTU-CVE-2022-21293","UBUNTU-CVE-2022-21294","UBUNTU-CVE-2022-21296","UBUNTU-CVE-2022-21299","UBUNTU-CVE-2022-21305","UBUNTU-CVE-2022-21340","UBUNTU-CVE-2022-21341","UBUNTU-CVE-2022-21360","UBUNTU-CVE-2022-21365","UBUNTU-CVE-2022-21366"],"upstream":["CVE-2022-21248","CVE-2022-21277","CVE-2022-21282","CVE-2022-21283","CVE-2022-21291","CVE-2022-21293","CVE-2022-21294","CVE-2022-21296","CVE-2022-21299","CVE-2022-21305","CVE-2022-21340","CVE-2022-21341","CVE-2022-21360","CVE-2022-21365","CVE-2022-21366","UBUNTU-CVE-2022-21248","UBUNTU-CVE-2022-21277","UBUNTU-CVE-2022-21282","UBUNTU-CVE-2022-21283","UBUNTU-CVE-2022-21291","UBUNTU-CVE-2022-21293","UBUNTU-CVE-2022-21294","UBUNTU-CVE-2022-21296","UBUNTU-CVE-2022-21299","UBUNTU-CVE-2022-21305","UBUNTU-CVE-2022-21340","UBUNTU-CVE-2022-21341","UBUNTU-CVE-2022-21360","UBUNTU-CVE-2022-21365","UBUNTU-CVE-2022-21366"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5313-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21248"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21277"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21282"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21283"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21291"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21293"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21294"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21296"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21299"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21305"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21340"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21341"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21360"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21365"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-21366"}],"affected":[{"package":{"name":"openjdk-17","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/openjdk-17@17.0.2+8-1~18.04?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"17.0.2+8-1~18.04"}]}],"versions":["17+35-1~18.04","17.0.1+12-1~18.04"],"ecosystem_specific":{"binaries":[{"binary_version":"17.0.2+8-1~18.04","binary_name":"openjdk-17-demo"},{"binary_version":"17.0.2+8-1~18.04","binary_name":"openjdk-17-jdk"},{"binary_version":"17.0.2+8-1~18.04","binary_name":"openjdk-17-jdk-headless"},{"binary_version":"17.0.2+8-1~18.04","binary_name":"openjdk-17-jre"},{"binary_version":"17.0.2+8-1~18.04","binary_name":"openjdk-17-jre-headless"},{"binary_version":"17.0.2+8-1~18.04","binary_name":"openjdk-17-jre-zero"},{"binary_version":"17.0.2+8-1~18.04","binary_name":"openjdk-17-source"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2022-21248","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21277","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21282","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21283","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21291","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21293","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21294","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21296","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21299","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21305","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21340","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21341","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21360","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21365","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21366","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5313-1.json"}},{"package":{"name":"openjdk-lts","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/openjdk-lts@11.0.14+9-0ubuntu2~18.04?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"11.0.14+9-0ubuntu2~18.04"}]}],"versions":["9.0.4+12-2ubuntu4","9.0.4+12-4ubuntu1","10~46-4ubuntu1","10~46-5ubuntu1","10.0.1+10-1ubuntu2","10.0.1+10-3ubuntu1","10.0.2+13-1ubuntu0.18.04.1","10.0.2+13-1ubuntu0.18.04.2","10.0.2+13-1ubuntu0.18.04.3","10.0.2+13-1ubuntu0.18.04.4","11.0.2+9-3ubuntu1~18.04.3","11.0.3+7-1ubuntu2~18.04.1","11.0.4+11-1ubuntu2~18.04.3","11.0.5+10-0ubuntu1.1~18.04","11.0.6+10-1ubuntu1~18.04.1","11.0.7+10-2ubuntu2~18.04","11.0.8+10-0ubuntu1~18.04.1","11.0.9+11-0ubuntu1~18.04.1","11.0.9.1+1-0ubuntu1~18.04","11.0.10+9-0ubuntu1~18.04","11.0.11+9-0ubuntu2~18.04","11.0.13+8-0ubuntu1~18.04"],"ecosystem_specific":{"binaries":[{"binary_version":"11.0.14+9-0ubuntu2~18.04","binary_name":"openjdk-11-demo"},{"binary_version":"11.0.14+9-0ubuntu2~18.04","binary_name":"openjdk-11-jdk"},{"binary_version":"11.0.14+9-0ubuntu2~18.04","binary_name":"openjdk-11-jdk-headless"},{"binary_version":"11.0.14+9-0ubuntu2~18.04","binary_name":"openjdk-11-jre"},{"binary_version":"11.0.14+9-0ubuntu2~18.04","binary_name":"openjdk-11-jre-headless"},{"binary_version":"11.0.14+9-0ubuntu2~18.04","binary_name":"openjdk-11-jre-zero"},{"binary_version":"11.0.14+9-0ubuntu2~18.04","binary_name":"openjdk-11-source"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2022-21248","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21277","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21282","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21283","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21291","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21293","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21294","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21296","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21299","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21305","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21340","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21341","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21360","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21365","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21366","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5313-1.json"}},{"package":{"name":"openjdk-17","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/openjdk-17@17.0.2+8-1~20.04?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"17.0.2+8-1~20.04"}]}],"versions":["17+35-1~20.04","17.0.1+12-1~20.04"],"ecosystem_specific":{"binaries":[{"binary_version":"17.0.2+8-1~20.04","binary_name":"openjdk-17-demo"},{"binary_version":"17.0.2+8-1~20.04","binary_name":"openjdk-17-jdk"},{"binary_version":"17.0.2+8-1~20.04","binary_name":"openjdk-17-jdk-headless"},{"binary_version":"17.0.2+8-1~20.04","binary_name":"openjdk-17-jre"},{"binary_version":"17.0.2+8-1~20.04","binary_name":"openjdk-17-jre-headless"},{"binary_version":"17.0.2+8-1~20.04","binary_name":"openjdk-17-jre-zero"},{"binary_version":"17.0.2+8-1~20.04","binary_name":"openjdk-17-source"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[{"id":"CVE-2022-21248","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21277","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21282","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21283","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21291","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21293","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21294","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21296","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21299","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21305","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21340","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21341","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21360","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21365","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21366","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5313-1.json"}},{"package":{"name":"openjdk-lts","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/openjdk-lts@11.0.14+9-0ubuntu2~20.04?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"11.0.14+9-0ubuntu2~20.04"}]}],"versions":["11.0.5+10-0ubuntu1","11.0.5+10-2ubuntu1","11.0.6+10-1ubuntu1","11.0.6+10-2ubuntu2","11.0.7+9-1ubuntu1","11.0.7+10-2ubuntu1","11.0.7+10-3ubuntu1","11.0.8+10-0ubuntu1~20.04","11.0.9+11-0ubuntu1~20.04","11.0.9.1+1-0ubuntu1~20.04","11.0.10+9-0ubuntu1~20.04","11.0.11+9-0ubuntu2~20.04","11.0.13+8-0ubuntu1~20.04"],"ecosystem_specific":{"binaries":[{"binary_version":"11.0.14+9-0ubuntu2~20.04","binary_name":"openjdk-11-demo"},{"binary_version":"11.0.14+9-0ubuntu2~20.04","binary_name":"openjdk-11-jdk"},{"binary_version":"11.0.14+9-0ubuntu2~20.04","binary_name":"openjdk-11-jdk-headless"},{"binary_version":"11.0.14+9-0ubuntu2~20.04","binary_name":"openjdk-11-jre"},{"binary_version":"11.0.14+9-0ubuntu2~20.04","binary_name":"openjdk-11-jre-headless"},{"binary_version":"11.0.14+9-0ubuntu2~20.04","binary_name":"openjdk-11-jre-zero"},{"binary_version":"11.0.14+9-0ubuntu2~20.04","binary_name":"openjdk-11-source"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[{"id":"CVE-2022-21248","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21277","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21282","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21283","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21291","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21293","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21294","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21296","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21299","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21305","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21340","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21341","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21360","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21365","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-21366","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"type":"Ubuntu","score":"medium"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5313-1.json"}}],"schema_version":"1.7.3"}