Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
Typedeb
Namespacedebian
Nameceph
Version16.2.15+ds-0+deb12u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version18.2.8+ds-1
Latest_non_vulnerable_version18.2.8+ds-1
Affected_by_vulnerabilities
0
url VCID-18bk-met9-qfc9
vulnerability_id VCID-18bk-met9-qfc9
summary pybind: Improper use of Pybind
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31884.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31884.json
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31884
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126573
reference_id 1126573
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126573
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2389907
reference_id 2389907
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2389907
5
reference_url https://access.redhat.com/errata/RHSA-2026:2711
reference_id RHSA-2026:2711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2711
6
reference_url https://access.redhat.com/errata/RHSA-2026:2737
reference_id RHSA-2026:2737
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2737
7
reference_url https://access.redhat.com/errata/RHSA-2026:2800
reference_id RHSA-2026:2800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2800
8
reference_url https://usn.ubuntu.com/8045-1/
reference_id USN-8045-1
reference_type
scores
url https://usn.ubuntu.com/8045-1/
fixed_packages
0
url pkg:deb/debian/ceph@18.2.8%2Bds-1
purl pkg:deb/debian/ceph@18.2.8%2Bds-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1
aliases CVE-2024-31884
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-18bk-met9-qfc9
1
url VCID-1yz5-m9s7-nqdm
vulnerability_id VCID-1yz5-m9s7-nqdm
summary rgw: RGW DoS attack with empty HTTP header in S3 object copy
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47866.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47866.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-47866
reference_id
reference_type
scores
0
value 0.00187
scoring_system epss
scoring_elements 0.405
published_at 2026-04-18T12:55:00Z
1
value 0.00187
scoring_system epss
scoring_elements 0.40541
published_at 2026-04-11T12:55:00Z
2
value 0.00187
scoring_system epss
scoring_elements 0.40504
published_at 2026-04-12T12:55:00Z
3
value 0.00187
scoring_system epss
scoring_elements 0.40484
published_at 2026-04-13T12:55:00Z
4
value 0.00187
scoring_system epss
scoring_elements 0.40532
published_at 2026-04-16T12:55:00Z
5
value 0.00194
scoring_system epss
scoring_elements 0.41399
published_at 2026-04-09T12:55:00Z
6
value 0.00211
scoring_system epss
scoring_elements 0.43642
published_at 2026-04-08T12:55:00Z
7
value 0.00211
scoring_system epss
scoring_elements 0.43591
published_at 2026-04-07T12:55:00Z
8
value 0.00211
scoring_system epss
scoring_elements 0.43629
published_at 2026-04-02T12:55:00Z
9
value 0.00211
scoring_system epss
scoring_elements 0.43654
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-47866
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47866
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47866
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120797
reference_id 1120797
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120797
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2392386
reference_id 2392386
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2392386
6
reference_url https://github.com/ceph/ceph/security/advisories/GHSA-mgrm-g92q-f8h8
reference_id GHSA-mgrm-g92q-f8h8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-11T15:29:41Z/
url https://github.com/ceph/ceph/security/advisories/GHSA-mgrm-g92q-f8h8
7
reference_url https://usn.ubuntu.com/8045-1/
reference_id USN-8045-1
reference_type
scores
url https://usn.ubuntu.com/8045-1/
fixed_packages
0
url pkg:deb/debian/ceph@18.2.8%2Bds-1
purl pkg:deb/debian/ceph@18.2.8%2Bds-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1
aliases CVE-2024-47866
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1yz5-m9s7-nqdm
2
url VCID-r1ah-c6z7-vyen
vulnerability_id VCID-r1ah-c6z7-vyen
summary ceph: privilege escalation by unprivileged users in a ceph-fuse mounted CephFS
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52555.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52555.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-52555
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05524
published_at 2026-04-02T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05542
published_at 2026-04-18T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05595
published_at 2026-04-08T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.0562
published_at 2026-04-09T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05591
published_at 2026-04-12T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05584
published_at 2026-04-13T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05532
published_at 2026-04-16T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05559
published_at 2026-04-04T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05558
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-52555
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52555
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108410
reference_id 1108410
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108410
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2374412
reference_id 2374412
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2374412
6
reference_url https://github.com/ceph/ceph/pull/60314
reference_id 60314
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T20:40:04Z/
url https://github.com/ceph/ceph/pull/60314
7
reference_url https://github.com/ceph/ceph/security/advisories/GHSA-89hm-qq33-2fjm
reference_id GHSA-89hm-qq33-2fjm
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T20:40:04Z/
url https://github.com/ceph/ceph/security/advisories/GHSA-89hm-qq33-2fjm
fixed_packages
0
url pkg:deb/debian/ceph@18.2.7%2Bds-1
purl pkg:deb/debian/ceph@18.2.7%2Bds-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18bk-met9-qfc9
1
vulnerability VCID-1yz5-m9s7-nqdm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.7%252Bds-1
aliases CVE-2025-52555
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r1ah-c6z7-vyen
Fixing_vulnerabilities
0
url VCID-18bk-met9-qfc9
vulnerability_id VCID-18bk-met9-qfc9
summary pybind: Improper use of Pybind
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31884.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31884.json
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31884
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31884
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126573
reference_id 1126573
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126573
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2389907
reference_id 2389907
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2389907
5
reference_url https://access.redhat.com/errata/RHSA-2026:2711
reference_id RHSA-2026:2711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2711
6
reference_url https://access.redhat.com/errata/RHSA-2026:2737
reference_id RHSA-2026:2737
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2737
7
reference_url https://access.redhat.com/errata/RHSA-2026:2800
reference_id RHSA-2026:2800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2800
8
reference_url https://usn.ubuntu.com/8045-1/
reference_id USN-8045-1
reference_type
scores
url https://usn.ubuntu.com/8045-1/
fixed_packages
0
url pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
purl pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18bk-met9-qfc9
1
vulnerability VCID-1yz5-m9s7-nqdm
2
vulnerability VCID-r1ah-c6z7-vyen
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1
1
url pkg:deb/debian/ceph@18.2.8%2Bds-1
purl pkg:deb/debian/ceph@18.2.8%2Bds-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1
aliases CVE-2024-31884
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-18bk-met9-qfc9
1
url VCID-1yz5-m9s7-nqdm
vulnerability_id VCID-1yz5-m9s7-nqdm
summary rgw: RGW DoS attack with empty HTTP header in S3 object copy
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47866.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47866.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-47866
reference_id
reference_type
scores
0
value 0.00187
scoring_system epss
scoring_elements 0.405
published_at 2026-04-18T12:55:00Z
1
value 0.00187
scoring_system epss
scoring_elements 0.40541
published_at 2026-04-11T12:55:00Z
2
value 0.00187
scoring_system epss
scoring_elements 0.40504
published_at 2026-04-12T12:55:00Z
3
value 0.00187
scoring_system epss
scoring_elements 0.40484
published_at 2026-04-13T12:55:00Z
4
value 0.00187
scoring_system epss
scoring_elements 0.40532
published_at 2026-04-16T12:55:00Z
5
value 0.00194
scoring_system epss
scoring_elements 0.41399
published_at 2026-04-09T12:55:00Z
6
value 0.00211
scoring_system epss
scoring_elements 0.43642
published_at 2026-04-08T12:55:00Z
7
value 0.00211
scoring_system epss
scoring_elements 0.43591
published_at 2026-04-07T12:55:00Z
8
value 0.00211
scoring_system epss
scoring_elements 0.43629
published_at 2026-04-02T12:55:00Z
9
value 0.00211
scoring_system epss
scoring_elements 0.43654
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-47866
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47866
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47866
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120797
reference_id 1120797
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120797
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2392386
reference_id 2392386
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2392386
6
reference_url https://github.com/ceph/ceph/security/advisories/GHSA-mgrm-g92q-f8h8
reference_id GHSA-mgrm-g92q-f8h8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-11T15:29:41Z/
url https://github.com/ceph/ceph/security/advisories/GHSA-mgrm-g92q-f8h8
7
reference_url https://usn.ubuntu.com/8045-1/
reference_id USN-8045-1
reference_type
scores
url https://usn.ubuntu.com/8045-1/
fixed_packages
0
url pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
purl pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18bk-met9-qfc9
1
vulnerability VCID-1yz5-m9s7-nqdm
2
vulnerability VCID-r1ah-c6z7-vyen
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1
1
url pkg:deb/debian/ceph@18.2.8%2Bds-1
purl pkg:deb/debian/ceph@18.2.8%2Bds-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.8%252Bds-1
aliases CVE-2024-47866
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1yz5-m9s7-nqdm
2
url VCID-47cr-h639-tqd4
vulnerability_id VCID-47cr-h639-tqd4
summary rgw: improperly verified POST keys
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43040.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43040.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-43040
reference_id
reference_type
scores
0
value 0.06202
scoring_system epss
scoring_elements 0.90823
published_at 2026-04-02T12:55:00Z
1
value 0.06202
scoring_system epss
scoring_elements 0.9089
published_at 2026-04-18T12:55:00Z
2
value 0.06202
scoring_system epss
scoring_elements 0.90855
published_at 2026-04-08T12:55:00Z
3
value 0.06202
scoring_system epss
scoring_elements 0.90862
published_at 2026-04-09T12:55:00Z
4
value 0.06202
scoring_system epss
scoring_elements 0.9087
published_at 2026-04-12T12:55:00Z
5
value 0.06202
scoring_system epss
scoring_elements 0.90868
published_at 2026-04-13T12:55:00Z
6
value 0.06202
scoring_system epss
scoring_elements 0.90893
published_at 2026-04-16T12:55:00Z
7
value 0.06202
scoring_system epss
scoring_elements 0.90833
published_at 2026-04-04T12:55:00Z
8
value 0.06202
scoring_system epss
scoring_elements 0.90844
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-43040
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43040
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43040
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053690
reference_id 1053690
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053690
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2216855
reference_id 2216855
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2216855
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/266807
reference_id 266807
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T16:41:59Z/
url https://exchange.xforce.ibmcloud.com/vulnerabilities/266807
7
reference_url https://www.ibm.com/support/pages/node/7151040
reference_id 7151040
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T16:41:59Z/
url https://www.ibm.com/support/pages/node/7151040
8
reference_url https://access.redhat.com/errata/RHSA-2023:5693
reference_id RHSA-2023:5693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5693
9
reference_url https://access.redhat.com/errata/RHSA-2024:0745
reference_id RHSA-2024:0745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0745
10
reference_url https://usn.ubuntu.com/6613-1/
reference_id USN-6613-1
reference_type
scores
url https://usn.ubuntu.com/6613-1/
fixed_packages
0
url pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
purl pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18bk-met9-qfc9
1
vulnerability VCID-1yz5-m9s7-nqdm
2
vulnerability VCID-r1ah-c6z7-vyen
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1
aliases CVE-2023-43040
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-47cr-h639-tqd4
3
url VCID-54nw-yq6d-2ueu
vulnerability_id VCID-54nw-yq6d-2ueu
summary A vulnerability has been found in Ceph which can lead to root privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3650.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3650.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3650
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07083
published_at 2026-04-02T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07132
published_at 2026-04-04T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07108
published_at 2026-04-07T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07161
published_at 2026-04-08T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07193
published_at 2026-04-09T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.0719
published_at 2026-04-11T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07179
published_at 2026-04-12T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07171
published_at 2026-04-13T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07106
published_at 2026-04-16T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07084
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3650
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3650
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3650
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024932
reference_id 1024932
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024932
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136909
reference_id 2136909
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136909
6
reference_url https://security.gentoo.org/glsa/202312-10
reference_id GLSA-202312-10
reference_type
scores
url https://security.gentoo.org/glsa/202312-10
7
reference_url https://access.redhat.com/errata/RHSA-2023:0980
reference_id RHSA-2023:0980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0980
8
reference_url https://usn.ubuntu.com/6063-1/
reference_id USN-6063-1
reference_type
scores
url https://usn.ubuntu.com/6063-1/
9
reference_url https://usn.ubuntu.com/6292-1/
reference_id USN-6292-1
reference_type
scores
url https://usn.ubuntu.com/6292-1/
fixed_packages
0
url pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
purl pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18bk-met9-qfc9
1
vulnerability VCID-1yz5-m9s7-nqdm
2
vulnerability VCID-r1ah-c6z7-vyen
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1
aliases CVE-2022-3650
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-54nw-yq6d-2ueu
4
url VCID-5bgn-2pbq-6yd1
vulnerability_id VCID-5bgn-2pbq-6yd1
summary ceph: user/tenant can obtain access (read/write) to any share
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0670.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0670.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-0670
reference_id
reference_type
scores
0
value 0.00196
scoring_system epss
scoring_elements 0.41515
published_at 2026-04-01T12:55:00Z
1
value 0.00196
scoring_system epss
scoring_elements 0.41604
published_at 2026-04-02T12:55:00Z
2
value 0.00196
scoring_system epss
scoring_elements 0.41632
published_at 2026-04-04T12:55:00Z
3
value 0.00196
scoring_system epss
scoring_elements 0.41559
published_at 2026-04-07T12:55:00Z
4
value 0.00196
scoring_system epss
scoring_elements 0.41609
published_at 2026-04-08T12:55:00Z
5
value 0.00196
scoring_system epss
scoring_elements 0.4164
published_at 2026-04-11T12:55:00Z
6
value 0.00196
scoring_system epss
scoring_elements 0.41607
published_at 2026-04-12T12:55:00Z
7
value 0.00196
scoring_system epss
scoring_elements 0.41594
published_at 2026-04-13T12:55:00Z
8
value 0.00196
scoring_system epss
scoring_elements 0.41618
published_at 2026-04-09T12:55:00Z
9
value 0.00223
scoring_system epss
scoring_elements 0.44967
published_at 2026-04-16T12:55:00Z
10
value 0.00223
scoring_system epss
scoring_elements 0.4496
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-0670
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0670
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0670
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016069
reference_id 1016069
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016069
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2050728
reference_id 2050728
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2050728
6
reference_url https://access.redhat.com/errata/RHSA-2022:5997
reference_id RHSA-2022:5997
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5997
7
reference_url https://usn.ubuntu.com/6063-1/
reference_id USN-6063-1
reference_type
scores
url https://usn.ubuntu.com/6063-1/
fixed_packages
0
url pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
purl pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18bk-met9-qfc9
1
vulnerability VCID-1yz5-m9s7-nqdm
2
vulnerability VCID-r1ah-c6z7-vyen
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1
aliases CVE-2022-0670
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bgn-2pbq-6yd1
5
url VCID-nczx-qfyh-xubz
vulnerability_id VCID-nczx-qfyh-xubz
summary ceph: Ceph volume does not honour osd_dmcrypt_key_size
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3979.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3979.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3979
reference_id
reference_type
scores
0
value 0.00275
scoring_system epss
scoring_elements 0.50894
published_at 2026-04-01T12:55:00Z
1
value 0.00275
scoring_system epss
scoring_elements 0.50947
published_at 2026-04-02T12:55:00Z
2
value 0.00275
scoring_system epss
scoring_elements 0.50973
published_at 2026-04-04T12:55:00Z
3
value 0.00275
scoring_system epss
scoring_elements 0.5093
published_at 2026-04-07T12:55:00Z
4
value 0.00275
scoring_system epss
scoring_elements 0.50987
published_at 2026-04-08T12:55:00Z
5
value 0.00275
scoring_system epss
scoring_elements 0.50985
published_at 2026-04-09T12:55:00Z
6
value 0.00275
scoring_system epss
scoring_elements 0.51027
published_at 2026-04-11T12:55:00Z
7
value 0.00275
scoring_system epss
scoring_elements 0.51006
published_at 2026-04-12T12:55:00Z
8
value 0.00275
scoring_system epss
scoring_elements 0.5099
published_at 2026-04-13T12:55:00Z
9
value 0.00275
scoring_system epss
scoring_elements 0.51028
published_at 2026-04-16T12:55:00Z
10
value 0.00275
scoring_system epss
scoring_elements 0.51034
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3979
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3979
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3979
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2024788
reference_id 2024788
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2024788
5
reference_url https://access.redhat.com/errata/RHSA-2022:1174
reference_id RHSA-2022:1174
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1174
6
reference_url https://usn.ubuntu.com/6063-1/
reference_id USN-6063-1
reference_type
scores
url https://usn.ubuntu.com/6063-1/
fixed_packages
0
url pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
purl pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18bk-met9-qfc9
1
vulnerability VCID-1yz5-m9s7-nqdm
2
vulnerability VCID-r1ah-c6z7-vyen
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1
aliases CVE-2021-3979
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nczx-qfyh-xubz
6
url VCID-r1ah-c6z7-vyen
vulnerability_id VCID-r1ah-c6z7-vyen
summary ceph: privilege escalation by unprivileged users in a ceph-fuse mounted CephFS
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52555.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52555.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-52555
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05524
published_at 2026-04-02T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05542
published_at 2026-04-18T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05595
published_at 2026-04-08T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.0562
published_at 2026-04-09T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05591
published_at 2026-04-12T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05584
published_at 2026-04-13T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05532
published_at 2026-04-16T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05559
published_at 2026-04-04T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05558
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-52555
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52555
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108410
reference_id 1108410
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108410
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2374412
reference_id 2374412
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2374412
6
reference_url https://github.com/ceph/ceph/pull/60314
reference_id 60314
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T20:40:04Z/
url https://github.com/ceph/ceph/pull/60314
7
reference_url https://github.com/ceph/ceph/security/advisories/GHSA-89hm-qq33-2fjm
reference_id GHSA-89hm-qq33-2fjm
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T20:40:04Z/
url https://github.com/ceph/ceph/security/advisories/GHSA-89hm-qq33-2fjm
fixed_packages
0
url pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
purl pkg:deb/debian/ceph@16.2.15%2Bds-0%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18bk-met9-qfc9
1
vulnerability VCID-1yz5-m9s7-nqdm
2
vulnerability VCID-r1ah-c6z7-vyen
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1
1
url pkg:deb/debian/ceph@18.2.7%2Bds-1
purl pkg:deb/debian/ceph@18.2.7%2Bds-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18bk-met9-qfc9
1
vulnerability VCID-1yz5-m9s7-nqdm
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@18.2.7%252Bds-1
aliases CVE-2025-52555
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r1ah-c6z7-vyen
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/ceph@16.2.15%252Bds-0%252Bdeb12u1