Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/buildah@1.23.4-r0?arch=armhf&distroversion=v3.15&reponame=community
Typeapk
Namespacealpine
Namebuildah
Version1.23.4-r0
Qualifiers
arch armhf
distroversion v3.15
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-f5qg-jth9-hycf
vulnerability_id VCID-f5qg-jth9-hycf
summary 
Uncontrolled Resource Consumption in promhttp
This is the Go client library for Prometheus. It has two separate parts, one for instrumenting application code, and one for creating clients that talk to the Prometheus HTTP API. client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients.

### Impact

HTTP server susceptible to a Denial of Service through unbounded cardinality, and potential memory exhaustion, when handling requests with non-standard HTTP methods.

###  Affected Configuration

In order to be affected, an instrumented software must

* Use any of `promhttp.InstrumentHandler*` middleware except `RequestsInFlight`.
* Do not filter any specific methods (e.g GET) before middleware.
* Pass metric with `method` label name to our middleware.
* Not have any firewall/LB/proxy that filters away requests with unknown `method`.

### Patches

* https://github.com/prometheus/client_golang/pull/962
* https://github.com/prometheus/client_golang/pull/987

### Workarounds

If you cannot upgrade to [v1.11.1 or above](https://github.com/prometheus/client_golang/releases/tag/v1.11.1), in order to stop being affected you can:

* Remove `method` label name from counter/gauge you use in the InstrumentHandler.
* Turn off affected promhttp handlers.
* Add custom middleware before promhttp handler that will sanitize the request method given by Go http.Request.
* Use a reverse proxy or web application firewall, configured to only allow a limited set of methods.

### For more information

If you have any questions or comments about this advisory:

* Open an issue in https://github.com/prometheus/client_golang
* Email us at `prometheus-team@googlegroups.com`
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21698.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21698.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21698
reference_id
reference_type
scores
0
value 0.00279
scoring_system epss
scoring_elements 0.5134
published_at 2026-04-21T12:55:00Z
1
value 0.00279
scoring_system epss
scoring_elements 0.5136
published_at 2026-04-18T12:55:00Z
2
value 0.00279
scoring_system epss
scoring_elements 0.51306
published_at 2026-04-08T12:55:00Z
3
value 0.00279
scoring_system epss
scoring_elements 0.51346
published_at 2026-04-11T12:55:00Z
4
value 0.00279
scoring_system epss
scoring_elements 0.51302
published_at 2026-04-09T12:55:00Z
5
value 0.00279
scoring_system epss
scoring_elements 0.51352
published_at 2026-04-16T12:55:00Z
6
value 0.00279
scoring_system epss
scoring_elements 0.51312
published_at 2026-04-13T12:55:00Z
7
value 0.00279
scoring_system epss
scoring_elements 0.51266
published_at 2026-04-02T12:55:00Z
8
value 0.00279
scoring_system epss
scoring_elements 0.51291
published_at 2026-04-04T12:55:00Z
9
value 0.00279
scoring_system epss
scoring_elements 0.51251
published_at 2026-04-07T12:55:00Z
10
value 0.00279
scoring_system epss
scoring_elements 0.51325
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21698
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21698
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/prometheus/client_golang
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/prometheus/client_golang
5
reference_url https://github.com/prometheus/client_golang/pull/962
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://github.com/prometheus/client_golang/pull/962
6
reference_url https://github.com/prometheus/client_golang/pull/987
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://github.com/prometheus/client_golang/pull/987
7
reference_url https://github.com/prometheus/client_golang/releases/tag/v1.11.1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://github.com/prometheus/client_golang/releases/tag/v1.11.1
8
reference_url https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://github.com/prometheus/client_golang/security/advisories/GHSA-cg3q-j54f-5p7p
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21698
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-21698
28
reference_url https://pkg.go.dev/vuln/GO-2022-0322
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2022-0322
29
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008008
reference_id 1008008
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008008
30
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2045880
reference_id 2045880
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2045880
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/
reference_id 2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IK53GWZ475OQ6ENABKMJMTOBZG6LXUR/
32
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/
reference_id 2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2PFW6Q2LXXWTFRTMTRN4ZGADFRQPKJ3D/
33
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/
reference_id 36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36GUEPA5TPSC57DZTPYPBL6T7UPQ2FRH/
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/
reference_id 3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3L6GDN5S5QZSCFKWD3GKL2RDZQ6B4UWA/
35
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/
reference_id 4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KDETHL5XCT6RZN2BBNOCEXRZ2W3SFU3/
36
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/
reference_id 5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OGNAFVXSMTTT2UPH6CS3IH6L3KM42Q7/
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/
reference_id 7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7V7I72LSQ3IET3QJR6QPAVGJZ4CBDLN5/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/
reference_id AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AK7CJBCGERCRXYUR2EWDSSDVAQMTAZGX/
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/
reference_id DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/
reference_id FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY3N7H6VSDZM37B4SKM2PFFCUWU7QYWN/
41
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/
reference_id HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HLAQRRGNSO5MYCPAXGPH2OCSHOGHSQMQ/
42
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/
reference_id J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/
43
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/
reference_id KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KBMVIQFKQDSSTHVVJWJ4QH6TW3JVB7XZ/
44
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/
reference_id MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MH6ALXEQXIFQRQFNJ5Y2MJ5DFPIX76VN/
45
reference_url https://access.redhat.com/errata/RHSA-2022:1356
reference_id RHSA-2022:1356
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1356
46
reference_url https://access.redhat.com/errata/RHSA-2022:1461
reference_id RHSA-2022:1461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1461
47
reference_url https://access.redhat.com/errata/RHSA-2022:1762
reference_id RHSA-2022:1762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1762
48
reference_url https://access.redhat.com/errata/RHSA-2022:2216
reference_id RHSA-2022:2216
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2216
49
reference_url https://access.redhat.com/errata/RHSA-2022:2217
reference_id RHSA-2022:2217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2217
50
reference_url https://access.redhat.com/errata/RHSA-2022:2218
reference_id RHSA-2022:2218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2218
51
reference_url https://access.redhat.com/errata/RHSA-2022:2280
reference_id RHSA-2022:2280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2280
52
reference_url https://access.redhat.com/errata/RHSA-2022:4667
reference_id RHSA-2022:4667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4667
53
reference_url https://access.redhat.com/errata/RHSA-2022:5026
reference_id RHSA-2022:5026
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5026
54
reference_url https://access.redhat.com/errata/RHSA-2022:5068
reference_id RHSA-2022:5068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5068
55
reference_url https://access.redhat.com/errata/RHSA-2022:5069
reference_id RHSA-2022:5069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5069
56
reference_url https://access.redhat.com/errata/RHSA-2022:5070
reference_id RHSA-2022:5070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5070
57
reference_url https://access.redhat.com/errata/RHSA-2022:6040
reference_id RHSA-2022:6040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6040
58
reference_url https://access.redhat.com/errata/RHSA-2022:6042
reference_id RHSA-2022:6042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6042
59
reference_url https://access.redhat.com/errata/RHSA-2022:6051
reference_id RHSA-2022:6051
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6051
60
reference_url https://access.redhat.com/errata/RHSA-2022:6061
reference_id RHSA-2022:6061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6061
61
reference_url https://access.redhat.com/errata/RHSA-2022:6066
reference_id RHSA-2022:6066
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6066
62
reference_url https://access.redhat.com/errata/RHSA-2022:6156
reference_id RHSA-2022:6156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6156
63
reference_url https://access.redhat.com/errata/RHSA-2022:6290
reference_id RHSA-2022:6290
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6290
64
reference_url https://access.redhat.com/errata/RHSA-2022:6430
reference_id RHSA-2022:6430
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6430
65
reference_url https://access.redhat.com/errata/RHSA-2022:6537
reference_id RHSA-2022:6537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6537
66
reference_url https://access.redhat.com/errata/RHSA-2022:7261
reference_id RHSA-2022:7261
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7261
67
reference_url https://access.redhat.com/errata/RHSA-2022:7399
reference_id RHSA-2022:7399
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7399
68
reference_url https://access.redhat.com/errata/RHSA-2022:7519
reference_id RHSA-2022:7519
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7519
69
reference_url https://access.redhat.com/errata/RHSA-2022:7529
reference_id RHSA-2022:7529
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7529
70
reference_url https://access.redhat.com/errata/RHSA-2022:8057
reference_id RHSA-2022:8057
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8057
71
reference_url https://access.redhat.com/errata/RHSA-2022:9096
reference_id RHSA-2022:9096
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9096
72
reference_url https://access.redhat.com/errata/RHSA-2023:0566
reference_id RHSA-2023:0566
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0566
73
reference_url https://access.redhat.com/errata/RHSA-2023:0652
reference_id RHSA-2023:0652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0652
74
reference_url https://access.redhat.com/errata/RHSA-2023:1158
reference_id RHSA-2023:1158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1158
75
reference_url https://access.redhat.com/errata/RHSA-2023:1326
reference_id RHSA-2023:1326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1326
76
reference_url https://access.redhat.com/errata/RHSA-2023:2014
reference_id RHSA-2023:2014
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2014
77
reference_url https://access.redhat.com/errata/RHSA-2023:5314
reference_id RHSA-2023:5314
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5314
78
reference_url https://access.redhat.com/errata/RHSA-2024:0564
reference_id RHSA-2024:0564
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0564
79
reference_url https://access.redhat.com/errata/RHSA-2024:2944
reference_id RHSA-2024:2944
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2944
80
reference_url https://access.redhat.com/errata/RHSA-2024:4631
reference_id RHSA-2024:4631
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4631
81
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/
reference_id RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RN7JGC2LVHPEGSJYODFUV5FEKPBVG4D7/
82
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/
reference_id SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SASRKYHT5ZFSVMJUQUG3UAEQRJYGJKAR/
83
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/
reference_id ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKORFJTRRDJCWBTJPISKKCVMMMJBIRLG/
84
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/
reference_id ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/
fixed_packages
0
url pkg:apk/alpine/buildah@1.23.4-r0?arch=armhf&distroversion=v3.15&reponame=community
purl pkg:apk/alpine/buildah@1.23.4-r0?arch=armhf&distroversion=v3.15&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.23.4-r0%3Farch=armhf&distroversion=v3.15&reponame=community
aliases CVE-2022-21698, GHSA-cg3q-j54f-5p7p
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f5qg-jth9-hycf
1
url VCID-gs2e-ztdw-ayft
vulnerability_id VCID-gs2e-ztdw-ayft
summary 
Non-empty default inheritable capabilities for linux container in Buildah
A bug was found in Buildah where containers were created with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2).

This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27651.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27651.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-27651
reference_id
reference_type
scores
0
value 0.00182
scoring_system epss
scoring_elements 0.39848
published_at 2026-04-21T12:55:00Z
1
value 0.00182
scoring_system epss
scoring_elements 0.39928
published_at 2026-04-18T12:55:00Z
2
value 0.00182
scoring_system epss
scoring_elements 0.39957
published_at 2026-04-16T12:55:00Z
3
value 0.00182
scoring_system epss
scoring_elements 0.39907
published_at 2026-04-13T12:55:00Z
4
value 0.00182
scoring_system epss
scoring_elements 0.39926
published_at 2026-04-12T12:55:00Z
5
value 0.00182
scoring_system epss
scoring_elements 0.39962
published_at 2026-04-11T12:55:00Z
6
value 0.00182
scoring_system epss
scoring_elements 0.39952
published_at 2026-04-09T12:55:00Z
7
value 0.00182
scoring_system epss
scoring_elements 0.39883
published_at 2026-04-07T12:55:00Z
8
value 0.00182
scoring_system epss
scoring_elements 0.39961
published_at 2026-04-04T12:55:00Z
9
value 0.00182
scoring_system epss
scoring_elements 0.39938
published_at 2026-04-08T12:55:00Z
10
value 0.00182
scoring_system epss
scoring_elements 0.39934
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-27651
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2066840
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2066840
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27651
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27651
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/containers/buildah
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/buildah
6
reference_url https://github.com/containers/buildah/commit/90b3254c7404039c1c786999ac189654228f6e0e
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/buildah/commit/90b3254c7404039c1c786999ac189654228f6e0e
7
reference_url https://github.com/containers/buildah/commit/e7e55c988c05dd74005184ceb64f097a0cfe645b
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/buildah/commit/e7e55c988c05dd74005184ceb64f097a0cfe645b
8
reference_url https://github.com/containers/buildah/pull/3855
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/buildah/pull/3855
9
reference_url https://github.com/containers/buildah/security/advisories/GHSA-c3g4-w6cv-6v7h
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/buildah/security/advisories/GHSA-c3g4-w6cv-6v7h
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25YI27MENCEPZTTGRVU6BQD5V53FNI52
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25YI27MENCEPZTTGRVU6BQD5V53FNI52
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2VWH6X6HOFPO6HTESF42HIJZEPXSWVIO
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2VWH6X6HOFPO6HTESF42HIJZEPXSWVIO
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NETC7I6RTMMBRJJQVJOJUPDK4W4PQSJ
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NETC7I6RTMMBRJJQVJOJUPDK4W4PQSJ
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-27651
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-27651
14
reference_url https://pkg.go.dev/vuln/GO-2022-0417
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2022-0417
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009882
reference_id 1009882
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009882
16
reference_url https://access.redhat.com/errata/RHSA-2022:1407
reference_id RHSA-2022:1407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1407
17
reference_url https://access.redhat.com/errata/RHSA-2022:1565
reference_id RHSA-2022:1565
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1565
18
reference_url https://access.redhat.com/errata/RHSA-2022:1566
reference_id RHSA-2022:1566
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1566
19
reference_url https://access.redhat.com/errata/RHSA-2022:1762
reference_id RHSA-2022:1762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1762
20
reference_url https://access.redhat.com/errata/RHSA-2022:4651
reference_id RHSA-2022:4651
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4651
21
reference_url https://access.redhat.com/errata/RHSA-2022:4816
reference_id RHSA-2022:4816
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4816
fixed_packages
0
url pkg:apk/alpine/buildah@1.23.4-r0?arch=armhf&distroversion=v3.15&reponame=community
purl pkg:apk/alpine/buildah@1.23.4-r0?arch=armhf&distroversion=v3.15&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.23.4-r0%3Farch=armhf&distroversion=v3.15&reponame=community
aliases CVE-2022-27651, GHSA-c3g4-w6cv-6v7h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gs2e-ztdw-ayft
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.23.4-r0%3Farch=armhf&distroversion=v3.15&reponame=community