Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/ceph@2:18.2.1-381?arch=el8cp

Type rpm

Namespace redhat

Name ceph

Version 2:18.2.1-381

Qualifiers

arch	el8cp

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-18bk-met9-qfc9

vulnerability_id

VCID-18bk-met9-qfc9

summary

pybind: Improper use of Pybind

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31884.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31884.json

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31884
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31884

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126573
reference_id	1126573
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126573

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2389907
reference_id	2389907
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2389907

reference_url	https://access.redhat.com/errata/RHSA-2026:2711
reference_id	RHSA-2026:2711
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2711

reference_url	https://access.redhat.com/errata/RHSA-2026:2737
reference_id	RHSA-2026:2737
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2737

reference_url	https://access.redhat.com/errata/RHSA-2026:2800
reference_id	RHSA-2026:2800
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2800

reference_url	https://usn.ubuntu.com/8045-1/
reference_id	USN-8045-1
reference_type
scores
url	https://usn.ubuntu.com/8045-1/

fixed_packages

aliases

CVE-2024-31884

risk_score

3.0

exploitability

0.5

weighted_severity

5.9

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-18bk-met9-qfc9

url

VCID-1yz5-m9s7-nqdm

vulnerability_id

VCID-1yz5-m9s7-nqdm

summary

rgw: RGW DoS attack with empty HTTP header in S3 object copy

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47866.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47866.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-47866

reference_id

reference_type

scores

value	0.00187
scoring_system	epss
scoring_elements	0.40424
published_at	2026-04-21T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40541
published_at	2026-04-11T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40504
published_at	2026-04-12T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40484
published_at	2026-04-13T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40532
published_at	2026-04-16T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.405
published_at	2026-04-18T12:55:00Z

value	0.00194
scoring_system	epss
scoring_elements	0.41399
published_at	2026-04-09T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.43642
published_at	2026-04-08T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.43629
published_at	2026-04-02T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.43654
published_at	2026-04-04T12:55:00Z

value	0.00211
scoring_system	epss
scoring_elements	0.43591
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-47866

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47866
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47866

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120797
reference_id	1120797
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120797

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2392386
reference_id	2392386
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2392386

reference_url

https://github.com/ceph/ceph/security/advisories/GHSA-mgrm-g92q-f8h8

reference_id

GHSA-mgrm-g92q-f8h8

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-11T15:29:41Z/

url

https://github.com/ceph/ceph/security/advisories/GHSA-mgrm-g92q-f8h8

reference_url	https://usn.ubuntu.com/8045-1/
reference_id	USN-8045-1
reference_type
scores
url	https://usn.ubuntu.com/8045-1/

fixed_packages

aliases

CVE-2024-47866

risk_score

3.4

exploitability

0.5

weighted_severity

6.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-1yz5-m9s7-nqdm

url

VCID-864e-hkby-qfh6

vulnerability_id

VCID-864e-hkby-qfh6

summary

Arbitrary Code Execution in underscore
The package `underscore` from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Execution via the template function, particularly when a variable property is passed as an argument as it is not sanitized.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23358.json

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23358.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-23358

reference_id

reference_type

scores

value	0.01078
scoring_system	epss
scoring_elements	0.77848
published_at	2026-04-21T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77853
published_at	2026-04-18T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77855
published_at	2026-04-16T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77767
published_at	2026-04-02T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.7776
published_at	2026-04-01T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77793
published_at	2026-04-04T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77818
published_at	2026-04-13T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77819
published_at	2026-04-12T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77835
published_at	2026-04-11T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77809
published_at	2026-04-09T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77777
published_at	2026-04-07T12:55:00Z

value	0.01078
scoring_system	epss
scoring_elements	0.77804
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-23358

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358

reference_url

http://seclists.org/fulldisclosure/2025/Apr/14

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://seclists.org/fulldisclosure/2025/Apr/14

reference_url

https://github.com/jashkenas/underscore

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/jashkenas/underscore

reference_url

https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71

reference_url

https://github.com/jashkenas/underscore/commit/4c73526d43838ad6ab43a6134728776632adeb66

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/jashkenas/underscore/commit/4c73526d43838ad6ab43a6134728776632adeb66

reference_url

https://github.com/jashkenas/underscore/pull/2917

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/jashkenas/underscore/pull/2917

reference_url

https://github.com/jashkenas/underscore/releases/tag/1.12.1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/jashkenas/underscore/releases/tag/1.12.1

reference_url

https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1@%3Cissues.cordova.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1@%3Cissues.cordova.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1%40%3Cissues.cordova.apache.org%3E

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1%40%3Cissues.cordova.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306@%3Cissues.cordova.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306@%3Cissues.cordova.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306%40%3Cissues.cordova.apache.org%3E

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306%40%3Cissues.cordova.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba@%3Cissues.cordova.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba@%3Cissues.cordova.apache.org%3E

reference_url

https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba%40%3Cissues.cordova.apache.org%3E

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba%40%3Cissues.cordova.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039@%3Cissues.cordova.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039@%3Cissues.cordova.apache.org%3E

reference_url

https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039%40%3Cissues.cordova.apache.org%3E

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039%40%3Cissues.cordova.apache.org%3E

reference_url

https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf@%3Cissues.cordova.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf@%3Cissues.cordova.apache.org%3E

reference_url

https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf%40%3Cissues.cordova.apache.org%3E

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf%40%3Cissues.cordova.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-23358

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-23358

reference_url

https://security.netapp.com/advisory/ntap-20240808-0003

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240808-0003

reference_url

https://security.netapp.com/advisory/ntap-20241108-0002

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20241108-0002

reference_url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504

reference_url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505

reference_url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503

reference_url

https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984

reference_url

https://www.debian.org/security/2021/dsa-4883

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://www.debian.org/security/2021/dsa-4883

reference_url

https://www.npmjs.com/package/underscore

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.npmjs.com/package/underscore

reference_url

https://www.tenable.com/security/tns-2021-14

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://www.tenable.com/security/tns-2021-14

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1944286
reference_id	1944286
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1944286

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986171
reference_id	986171
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986171

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/

reference_id

EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/

reference_id

FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-29T15:48:41Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/

reference_url

https://github.com/advisories/GHSA-cf4h-3jhx-xvhq

reference_id

GHSA-cf4h-3jhx-xvhq

reference_type

scores

value	CRITICAL
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-cf4h-3jhx-xvhq

reference_url	https://access.redhat.com/errata/RHSA-2021:1448
reference_id	RHSA-2021:1448
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1448

reference_url	https://access.redhat.com/errata/RHSA-2021:2865
reference_id	RHSA-2021:2865
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2865

reference_url	https://access.redhat.com/errata/RHSA-2022:6393
reference_id	RHSA-2022:6393
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6393

reference_url	https://access.redhat.com/errata/RHSA-2026:2737
reference_id	RHSA-2026:2737
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2737

reference_url	https://access.redhat.com/errata/RHSA-2026:3406
reference_id	RHSA-2026:3406
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3406

reference_url	https://usn.ubuntu.com/4913-1/
reference_id	USN-4913-1
reference_type
scores
url	https://usn.ubuntu.com/4913-1/

reference_url	https://usn.ubuntu.com/4913-2/
reference_id	USN-4913-2
reference_type
scores
url	https://usn.ubuntu.com/4913-2/

fixed_packages

aliases

CVE-2021-23358, GHSA-cf4h-3jhx-xvhq

risk_score

4.5

exploitability

0.5

weighted_severity

9.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-864e-hkby-qfh6

url

VCID-h8nr-tcb7-93em

vulnerability_id

VCID-h8nr-tcb7-93em

summary

Cross-site Scripting (XSS) in serialize-javascript
A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.

references

reference_url

https://access.redhat.com/errata/RHBA-2025:0304

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHBA-2025:0304

reference_url

https://access.redhat.com/errata/RHSA-2025:0381

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:0381

reference_url

https://access.redhat.com/errata/RHSA-2025:10853

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:10853

reference_url

https://access.redhat.com/errata/RHSA-2025:1334

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:1334

reference_url

https://access.redhat.com/errata/RHSA-2025:1468

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:1468

reference_url

https://access.redhat.com/errata/RHSA-2025:21068

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:21068

reference_url

https://access.redhat.com/errata/RHSA-2025:21203

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:21203

reference_url

https://access.redhat.com/errata/RHSA-2025:3870

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:3870

reference_url

https://access.redhat.com/errata/RHSA-2025:4511

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:4511

reference_url

https://access.redhat.com/errata/RHSA-2025:8059

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:8059

reference_url

https://access.redhat.com/errata/RHSA-2025:8078

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:8078

reference_url

https://access.redhat.com/errata/RHSA-2025:8233

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:8233

reference_url

https://access.redhat.com/errata/RHSA-2025:8479

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:8479

reference_url

https://access.redhat.com/errata/RHSA-2025:8512

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:8512

reference_url

https://access.redhat.com/errata/RHSA-2025:8544

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:8544

reference_url

https://access.redhat.com/errata/RHSA-2025:8551

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:8551

reference_url

https://access.redhat.com/errata/RHSA-2025:9294

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2025:9294

reference_url

https://access.redhat.com/errata/RHSA-2026:1536

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2026:1536

reference_url

https://access.redhat.com/errata/RHSA-2026:2769

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2026:2769

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11831.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-11831.json

reference_url

https://access.redhat.com/security/cve/CVE-2024-11831

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/security/cve/CVE-2024-11831

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-11831

reference_id

reference_type

scores

value	0.00938
scoring_system	epss
scoring_elements	0.7623
published_at	2026-04-21T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.78041
published_at	2026-04-11T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.78015
published_at	2026-04-09T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.78056
published_at	2026-04-18T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.78058
published_at	2026-04-16T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.78022
published_at	2026-04-13T12:55:00Z

value	0.01098
scoring_system	epss
scoring_elements	0.78024
published_at	2026-04-12T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.7829
published_at	2026-04-04T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78259
published_at	2026-04-02T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78297
published_at	2026-04-08T12:55:00Z

value	0.01129
scoring_system	epss
scoring_elements	0.78271
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-11831

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2312579

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2312579

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/yahoo/serialize-javascript

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/yahoo/serialize-javascript

reference_url

https://github.com/yahoo/serialize-javascript/commit/7f3ac252d86b802454cb43782820aea2e0f6dc25

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/yahoo/serialize-javascript/commit/7f3ac252d86b802454cb43782820aea2e0f6dc25

reference_url

https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e

reference_url

https://github.com/yahoo/serialize-javascript/pull/173

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://github.com/yahoo/serialize-javascript/pull/173

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-11831

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-11831

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095767
reference_id	1095767
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1095767

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:acm:2
reference_id	cpe:/a:redhat:acm:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:acm:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4
reference_id	cpe:/a:redhat:advanced_cluster_security:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.4::el8
reference_id	cpe:/a:redhat:advanced_cluster_security:4.4::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.4::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.5::el8
reference_id	cpe:/a:redhat:advanced_cluster_security:4.5::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.5::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2
reference_id	cpe:/a:redhat:ansible_automation_platform:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:apache_camel_hawtio:4
reference_id	cpe:/a:redhat:apache_camel_hawtio:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:apache_camel_hawtio:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7
reference_id	cpe:/a:redhat:ceph_storage:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7.1::el8
reference_id	cpe:/a:redhat:ceph_storage:7.1::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7.1::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7.1::el9
reference_id	cpe:/a:redhat:ceph_storage:7.1::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7.1::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8
reference_id	cpe:/a:redhat:ceph_storage:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8.1::el9
reference_id	cpe:/a:redhat:ceph_storage:8.1::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8.1::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9
reference_id	cpe:/a:redhat:ceph_storage:8::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9
reference_id	cpe:/a:redhat:ceph_storage:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9.0::el10
reference_id	cpe:/a:redhat:ceph_storage:9.0::el10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9.0::el10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9.0::el9
reference_id	cpe:/a:redhat:ceph_storage:9.0::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:9.0::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cryostat:3
reference_id	cpe:/a:redhat:cryostat:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cryostat:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1
reference_id	cpe:/a:redhat:discovery:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id	cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:integration:1
reference_id	cpe:/a:redhat:integration:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:integration:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
reference_id	cpe:/a:redhat:jboss_data_grid:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
reference_id	cpe:/a:redhat:jbosseapxp
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7
reference_id	cpe:/a:redhat:jboss_enterprise_application_platform:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8
reference_id	cpe:/a:redhat:jboss_enterprise_application_platform:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_id	cpe:/a:redhat:jboss_enterprise_bpms_platform:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
reference_id	cpe:/a:redhat:jboss_fuse:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5
reference_id	cpe:/a:redhat:logging:5
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_virtualization:2
reference_id	cpe:/a:redhat:migration_toolkit_virtualization:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:migration_toolkit_virtualization:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11
reference_id	cpe:/a:redhat:openshift:3.11
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ai
reference_id	cpe:/a:redhat:openshift_ai
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ai

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.14::el9
reference_id	cpe:/a:redhat:openshift_data_foundation:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.15::el9
reference_id	cpe:/a:redhat:openshift_data_foundation:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.16::el9
reference_id	cpe:/a:redhat:openshift_data_foundation:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.17::el9
reference_id	cpe:/a:redhat:openshift_data_foundation:4.17::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.17::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.18::el9
reference_id	cpe:/a:redhat:openshift_data_foundation:4.18::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4.18::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_devspaces:3
reference_id	cpe:/a:redhat:openshift_devspaces:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_devspaces:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3
reference_id	cpe:/a:redhat:openshift_distributed_tracing:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_lightspeed
reference_id	cpe:/a:redhat:openshift_lightspeed
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_lightspeed

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1
reference_id	cpe:/a:redhat:openshift_pipelines:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.14::el8
reference_id	cpe:/a:redhat:openshift_pipelines:1.14::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.14::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.15::el8
reference_id	cpe:/a:redhat:openshift_pipelines:1.15::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.15::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.16::el8
reference_id	cpe:/a:redhat:openshift_pipelines:1.16::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.16::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.17::el8
reference_id	cpe:/a:redhat:openshift_pipelines:1.17::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.17::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.18::el9
reference_id	cpe:/a:redhat:openshift_pipelines:1.18::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.18::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.19::el9
reference_id	cpe:/a:redhat:openshift_pipelines:1.19::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_pipelines:1.19::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:optaplanner:::el6
reference_id	cpe:/a:redhat:optaplanner:::el6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:optaplanner:::el6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quay:3
reference_id	cpe:/a:redhat:quay:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quay:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_3scale_amp:2
reference_id	cpe:/a:redhat:red_hat_3scale_amp:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_3scale_amp:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7
reference_id	cpe:/a:redhat:red_hat_single_sign_on:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhdh:1
reference_id	cpe:/a:redhat:rhdh:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhdh:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_dotnet:6.0
reference_id	cpe:/a:redhat:rhel_dotnet:6.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_dotnet:6.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6
reference_id	cpe:/a:redhat:satellite:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:satellite:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1
reference_id	cpe:/a:redhat:serverless:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_mesh:2
reference_id	cpe:/a:redhat:service_mesh:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_mesh:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_registry:2
reference_id	cpe:/a:redhat:service_registry:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_registry:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:trusted_profile_analyzer:1
reference_id	cpe:/a:redhat:trusted_profile_analyzer:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:trusted_profile_analyzer:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://github.com/advisories/GHSA-76p7-773f-r4q5

reference_id

GHSA-76p7-773f-r4q5

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-76p7-773f-r4q5

reference_url

https://access.redhat.com/errata/RHSA-2026:8568

reference_id

RHSA-2026:8568

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T17:08:31Z/

url

https://access.redhat.com/errata/RHSA-2026:8568

fixed_packages

aliases

CVE-2024-11831, GHSA-76p7-773f-r4q5

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-h8nr-tcb7-93em

url

VCID-hay4-q9m3-ekdj

vulnerability_id

VCID-hay4-q9m3-ekdj

summary

crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61729.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61729.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-61729

reference_id

reference_type

scores

value	0.00022
scoring_system	epss
scoring_elements	0.0591
published_at	2026-04-02T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06307
published_at	2026-04-21T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0614
published_at	2026-04-04T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06124
published_at	2026-04-07T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06166
published_at	2026-04-08T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06204
published_at	2026-04-09T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06195
published_at	2026-04-11T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.0619
published_at	2026-04-12T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06181
published_at	2026-04-13T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06141
published_at	2026-04-16T12:55:00Z

value	0.00023
scoring_system	epss
scoring_elements	0.06153
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-61729

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61729
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61729

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121847
reference_id	1121847
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121847

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121848
reference_id	1121848
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121848

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2418462
reference_id	2418462
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2418462

reference_url

https://go.dev/cl/725920

reference_id

725920

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/

url

https://go.dev/cl/725920

reference_url

https://go.dev/issue/76445

reference_id

76445

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/

url

https://go.dev/issue/76445

reference_url

https://groups.google.com/g/golang-announce/c/8FJoBkPddm4

reference_id

8FJoBkPddm4

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/

url

https://groups.google.com/g/golang-announce/c/8FJoBkPddm4

reference_url

https://pkg.go.dev/vuln/GO-2025-4155

reference_id

GO-2025-4155

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/

url

https://pkg.go.dev/vuln/GO-2025-4155

reference_url	https://access.redhat.com/errata/RHSA-2026:0921
reference_id	RHSA-2026:0921
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0921

reference_url	https://access.redhat.com/errata/RHSA-2026:0922
reference_id	RHSA-2026:0922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0922

reference_url	https://access.redhat.com/errata/RHSA-2026:0923
reference_id	RHSA-2026:0923
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0923

reference_url	https://access.redhat.com/errata/RHSA-2026:0981
reference_id	RHSA-2026:0981
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0981

reference_url	https://access.redhat.com/errata/RHSA-2026:0990
reference_id	RHSA-2026:0990
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0990

reference_url	https://access.redhat.com/errata/RHSA-2026:1018
reference_id	RHSA-2026:1018
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1018

reference_url	https://access.redhat.com/errata/RHSA-2026:10184
reference_id	RHSA-2026:10184
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10184

reference_url	https://access.redhat.com/errata/RHSA-2026:10225
reference_id	RHSA-2026:10225
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10225

reference_url	https://access.redhat.com/errata/RHSA-2026:10250
reference_id	RHSA-2026:10250
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10250

reference_url	https://access.redhat.com/errata/RHSA-2026:1038
reference_id	RHSA-2026:1038
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1038

reference_url	https://access.redhat.com/errata/RHSA-2026:1042
reference_id	RHSA-2026:1042
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1042

reference_url	https://access.redhat.com/errata/RHSA-2026:1166
reference_id	RHSA-2026:1166
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1166

reference_url	https://access.redhat.com/errata/RHSA-2026:1168
reference_id	RHSA-2026:1168
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1168

reference_url	https://access.redhat.com/errata/RHSA-2026:1249
reference_id	RHSA-2026:1249
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1249

reference_url	https://access.redhat.com/errata/RHSA-2026:1344
reference_id	RHSA-2026:1344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1344

reference_url	https://access.redhat.com/errata/RHSA-2026:1416
reference_id	RHSA-2026:1416
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1416

reference_url	https://access.redhat.com/errata/RHSA-2026:1431
reference_id	RHSA-2026:1431
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1431

reference_url	https://access.redhat.com/errata/RHSA-2026:1497
reference_id	RHSA-2026:1497
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1497

reference_url	https://access.redhat.com/errata/RHSA-2026:1506
reference_id	RHSA-2026:1506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1506

reference_url	https://access.redhat.com/errata/RHSA-2026:1517
reference_id	RHSA-2026:1517
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1517

reference_url	https://access.redhat.com/errata/RHSA-2026:1518
reference_id	RHSA-2026:1518
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1518

reference_url	https://access.redhat.com/errata/RHSA-2026:1715
reference_id	RHSA-2026:1715
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1715

reference_url	https://access.redhat.com/errata/RHSA-2026:1813
reference_id	RHSA-2026:1813
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1813

reference_url	https://access.redhat.com/errata/RHSA-2026:1814
reference_id	RHSA-2026:1814
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1814

reference_url	https://access.redhat.com/errata/RHSA-2026:1845
reference_id	RHSA-2026:1845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1845

reference_url	https://access.redhat.com/errata/RHSA-2026:1896
reference_id	RHSA-2026:1896
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1896

reference_url	https://access.redhat.com/errata/RHSA-2026:1907
reference_id	RHSA-2026:1907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1907

reference_url	https://access.redhat.com/errata/RHSA-2026:1908
reference_id	RHSA-2026:1908
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1908

reference_url	https://access.redhat.com/errata/RHSA-2026:1938
reference_id	RHSA-2026:1938
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1938

reference_url	https://access.redhat.com/errata/RHSA-2026:1942
reference_id	RHSA-2026:1942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1942

reference_url	https://access.redhat.com/errata/RHSA-2026:2123
reference_id	RHSA-2026:2123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2123

reference_url	https://access.redhat.com/errata/RHSA-2026:2124
reference_id	RHSA-2026:2124
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2124

reference_url	https://access.redhat.com/errata/RHSA-2026:2133
reference_id	RHSA-2026:2133
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2133

reference_url	https://access.redhat.com/errata/RHSA-2026:2136
reference_id	RHSA-2026:2136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2136

reference_url	https://access.redhat.com/errata/RHSA-2026:2138
reference_id	RHSA-2026:2138
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2138

reference_url	https://access.redhat.com/errata/RHSA-2026:2144
reference_id	RHSA-2026:2144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2144

reference_url	https://access.redhat.com/errata/RHSA-2026:2146
reference_id	RHSA-2026:2146
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2146

reference_url	https://access.redhat.com/errata/RHSA-2026:2147
reference_id	RHSA-2026:2147
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2147

reference_url	https://access.redhat.com/errata/RHSA-2026:2148
reference_id	RHSA-2026:2148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2148

reference_url	https://access.redhat.com/errata/RHSA-2026:2149
reference_id	RHSA-2026:2149
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2149

reference_url	https://access.redhat.com/errata/RHSA-2026:2201
reference_id	RHSA-2026:2201
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2201

reference_url	https://access.redhat.com/errata/RHSA-2026:2217
reference_id	RHSA-2026:2217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2217

reference_url	https://access.redhat.com/errata/RHSA-2026:2218
reference_id	RHSA-2026:2218
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2218

reference_url	https://access.redhat.com/errata/RHSA-2026:2219
reference_id	RHSA-2026:2219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2219

reference_url	https://access.redhat.com/errata/RHSA-2026:2223
reference_id	RHSA-2026:2223
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2223

reference_url	https://access.redhat.com/errata/RHSA-2026:2265
reference_id	RHSA-2026:2265
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2265

reference_url	https://access.redhat.com/errata/RHSA-2026:2320
reference_id	RHSA-2026:2320
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2320

reference_url	https://access.redhat.com/errata/RHSA-2026:2323
reference_id	RHSA-2026:2323
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2323

reference_url	https://access.redhat.com/errata/RHSA-2026:2334
reference_id	RHSA-2026:2334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2334

reference_url	https://access.redhat.com/errata/RHSA-2026:2343
reference_id	RHSA-2026:2343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2343

reference_url	https://access.redhat.com/errata/RHSA-2026:2367
reference_id	RHSA-2026:2367
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2367

reference_url	https://access.redhat.com/errata/RHSA-2026:2371
reference_id	RHSA-2026:2371
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2371

reference_url	https://access.redhat.com/errata/RHSA-2026:2374
reference_id	RHSA-2026:2374
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2374

reference_url	https://access.redhat.com/errata/RHSA-2026:2375
reference_id	RHSA-2026:2375
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2375

reference_url	https://access.redhat.com/errata/RHSA-2026:2376
reference_id	RHSA-2026:2376
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2376

reference_url	https://access.redhat.com/errata/RHSA-2026:2441
reference_id	RHSA-2026:2441
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2441

reference_url	https://access.redhat.com/errata/RHSA-2026:2454
reference_id	RHSA-2026:2454
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2454

reference_url	https://access.redhat.com/errata/RHSA-2026:2456
reference_id	RHSA-2026:2456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2456

reference_url	https://access.redhat.com/errata/RHSA-2026:2571
reference_id	RHSA-2026:2571
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2571

reference_url	https://access.redhat.com/errata/RHSA-2026:2654
reference_id	RHSA-2026:2654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2654

reference_url	https://access.redhat.com/errata/RHSA-2026:2675
reference_id	RHSA-2026:2675
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2675

reference_url	https://access.redhat.com/errata/RHSA-2026:2681
reference_id	RHSA-2026:2681
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2681

reference_url	https://access.redhat.com/errata/RHSA-2026:2754
reference_id	RHSA-2026:2754
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2754

reference_url	https://access.redhat.com/errata/RHSA-2026:2762
reference_id	RHSA-2026:2762
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2762

reference_url	https://access.redhat.com/errata/RHSA-2026:2914
reference_id	RHSA-2026:2914
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2914

reference_url	https://access.redhat.com/errata/RHSA-2026:2920
reference_id	RHSA-2026:2920
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2920

reference_url	https://access.redhat.com/errata/RHSA-2026:2921
reference_id	RHSA-2026:2921
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2921

reference_url	https://access.redhat.com/errata/RHSA-2026:2922
reference_id	RHSA-2026:2922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2922

reference_url	https://access.redhat.com/errata/RHSA-2026:2926
reference_id	RHSA-2026:2926
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2926

reference_url	https://access.redhat.com/errata/RHSA-2026:2927
reference_id	RHSA-2026:2927
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2927

reference_url	https://access.redhat.com/errata/RHSA-2026:2951
reference_id	RHSA-2026:2951
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2951

reference_url	https://access.redhat.com/errata/RHSA-2026:3035
reference_id	RHSA-2026:3035
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3035

reference_url	https://access.redhat.com/errata/RHSA-2026:3040
reference_id	RHSA-2026:3040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3040

reference_url	https://access.redhat.com/errata/RHSA-2026:3053
reference_id	RHSA-2026:3053
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3053

reference_url	https://access.redhat.com/errata/RHSA-2026:3087
reference_id	RHSA-2026:3087
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3087

reference_url	https://access.redhat.com/errata/RHSA-2026:3104
reference_id	RHSA-2026:3104
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3104

reference_url	https://access.redhat.com/errata/RHSA-2026:3107
reference_id	RHSA-2026:3107
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3107

reference_url	https://access.redhat.com/errata/RHSA-2026:3108
reference_id	RHSA-2026:3108
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3108

reference_url	https://access.redhat.com/errata/RHSA-2026:3111
reference_id	RHSA-2026:3111
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3111

reference_url	https://access.redhat.com/errata/RHSA-2026:3184
reference_id	RHSA-2026:3184
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3184

reference_url	https://access.redhat.com/errata/RHSA-2026:3287
reference_id	RHSA-2026:3287
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3287

reference_url	https://access.redhat.com/errata/RHSA-2026:3288
reference_id	RHSA-2026:3288
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3288

reference_url	https://access.redhat.com/errata/RHSA-2026:3289
reference_id	RHSA-2026:3289
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3289

reference_url	https://access.redhat.com/errata/RHSA-2026:3291
reference_id	RHSA-2026:3291
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3291

reference_url	https://access.redhat.com/errata/RHSA-2026:3296
reference_id	RHSA-2026:3296
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3296

reference_url	https://access.redhat.com/errata/RHSA-2026:3297
reference_id	RHSA-2026:3297
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3297

reference_url	https://access.redhat.com/errata/RHSA-2026:3298
reference_id	RHSA-2026:3298
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3298

reference_url	https://access.redhat.com/errata/RHSA-2026:3336
reference_id	RHSA-2026:3336
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3336

reference_url	https://access.redhat.com/errata/RHSA-2026:3337
reference_id	RHSA-2026:3337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3337

100

reference_url	https://access.redhat.com/errata/RHSA-2026:3340
reference_id	RHSA-2026:3340
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3340

101

reference_url	https://access.redhat.com/errata/RHSA-2026:3341
reference_id	RHSA-2026:3341
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3341

102

reference_url	https://access.redhat.com/errata/RHSA-2026:3343
reference_id	RHSA-2026:3343
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3343

103

reference_url	https://access.redhat.com/errata/RHSA-2026:3428
reference_id	RHSA-2026:3428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3428

104

reference_url	https://access.redhat.com/errata/RHSA-2026:3459
reference_id	RHSA-2026:3459
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3459

105

reference_url	https://access.redhat.com/errata/RHSA-2026:3506
reference_id	RHSA-2026:3506
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3506

106

reference_url	https://access.redhat.com/errata/RHSA-2026:3713
reference_id	RHSA-2026:3713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3713

107

reference_url	https://access.redhat.com/errata/RHSA-2026:3752
reference_id	RHSA-2026:3752
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3752

108

reference_url	https://access.redhat.com/errata/RHSA-2026:3753
reference_id	RHSA-2026:3753
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3753

109

reference_url	https://access.redhat.com/errata/RHSA-2026:3782
reference_id	RHSA-2026:3782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3782

110

reference_url	https://access.redhat.com/errata/RHSA-2026:3812
reference_id	RHSA-2026:3812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3812

111

reference_url	https://access.redhat.com/errata/RHSA-2026:3815
reference_id	RHSA-2026:3815
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3815

112

reference_url	https://access.redhat.com/errata/RHSA-2026:3816
reference_id	RHSA-2026:3816
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3816

113

reference_url	https://access.redhat.com/errata/RHSA-2026:3817
reference_id	RHSA-2026:3817
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3817

114

reference_url	https://access.redhat.com/errata/RHSA-2026:3818
reference_id	RHSA-2026:3818
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3818

115

reference_url	https://access.redhat.com/errata/RHSA-2026:3820
reference_id	RHSA-2026:3820
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3820

116

reference_url	https://access.redhat.com/errata/RHSA-2026:3821
reference_id	RHSA-2026:3821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3821

117

reference_url	https://access.redhat.com/errata/RHSA-2026:3822
reference_id	RHSA-2026:3822
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3822

118

reference_url	https://access.redhat.com/errata/RHSA-2026:3827
reference_id	RHSA-2026:3827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3827

119

reference_url	https://access.redhat.com/errata/RHSA-2026:3831
reference_id	RHSA-2026:3831
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3831

120

reference_url	https://access.redhat.com/errata/RHSA-2026:3833
reference_id	RHSA-2026:3833
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3833

121

reference_url	https://access.redhat.com/errata/RHSA-2026:3835
reference_id	RHSA-2026:3835
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3835

122

reference_url	https://access.redhat.com/errata/RHSA-2026:3836
reference_id	RHSA-2026:3836
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3836

123

reference_url	https://access.redhat.com/errata/RHSA-2026:3838
reference_id	RHSA-2026:3838
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3838

124

reference_url	https://access.redhat.com/errata/RHSA-2026:3839
reference_id	RHSA-2026:3839
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3839

125

reference_url	https://access.redhat.com/errata/RHSA-2026:3840
reference_id	RHSA-2026:3840
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3840

126

reference_url	https://access.redhat.com/errata/RHSA-2026:3841
reference_id	RHSA-2026:3841
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3841

127

reference_url	https://access.redhat.com/errata/RHSA-2026:3843
reference_id	RHSA-2026:3843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3843

128

reference_url	https://access.redhat.com/errata/RHSA-2026:3854
reference_id	RHSA-2026:3854
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3854

129

reference_url	https://access.redhat.com/errata/RHSA-2026:3864
reference_id	RHSA-2026:3864
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3864

130

reference_url	https://access.redhat.com/errata/RHSA-2026:3879
reference_id	RHSA-2026:3879
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3879

131

reference_url	https://access.redhat.com/errata/RHSA-2026:3880
reference_id	RHSA-2026:3880
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3880

132

reference_url	https://access.redhat.com/errata/RHSA-2026:3884
reference_id	RHSA-2026:3884
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3884

133

reference_url	https://access.redhat.com/errata/RHSA-2026:3905
reference_id	RHSA-2026:3905
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3905

134

reference_url	https://access.redhat.com/errata/RHSA-2026:3928
reference_id	RHSA-2026:3928
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3928

135

reference_url	https://access.redhat.com/errata/RHSA-2026:3929
reference_id	RHSA-2026:3929
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3929

136

reference_url	https://access.redhat.com/errata/RHSA-2026:3930
reference_id	RHSA-2026:3930
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3930

137

reference_url	https://access.redhat.com/errata/RHSA-2026:3931
reference_id	RHSA-2026:3931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3931

138

reference_url	https://access.redhat.com/errata/RHSA-2026:3932
reference_id	RHSA-2026:3932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3932

139

reference_url	https://access.redhat.com/errata/RHSA-2026:3970
reference_id	RHSA-2026:3970
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3970

140

reference_url	https://access.redhat.com/errata/RHSA-2026:3971
reference_id	RHSA-2026:3971
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3971

141

reference_url	https://access.redhat.com/errata/RHSA-2026:3972
reference_id	RHSA-2026:3972
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3972

142

reference_url	https://access.redhat.com/errata/RHSA-2026:3973
reference_id	RHSA-2026:3973
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3973

143

reference_url	https://access.redhat.com/errata/RHSA-2026:3974
reference_id	RHSA-2026:3974
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3974

144

reference_url	https://access.redhat.com/errata/RHSA-2026:4164
reference_id	RHSA-2026:4164
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4164

145

reference_url	https://access.redhat.com/errata/RHSA-2026:4166
reference_id	RHSA-2026:4166
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4166

146

reference_url	https://access.redhat.com/errata/RHSA-2026:4185
reference_id	RHSA-2026:4185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4185

147

reference_url	https://access.redhat.com/errata/RHSA-2026:4211
reference_id	RHSA-2026:4211
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4211

148

reference_url	https://access.redhat.com/errata/RHSA-2026:4215
reference_id	RHSA-2026:4215
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4215

149

reference_url	https://access.redhat.com/errata/RHSA-2026:4270
reference_id	RHSA-2026:4270
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4270

150

reference_url	https://access.redhat.com/errata/RHSA-2026:4276
reference_id	RHSA-2026:4276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4276

151

reference_url	https://access.redhat.com/errata/RHSA-2026:4434
reference_id	RHSA-2026:4434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4434

152

reference_url	https://access.redhat.com/errata/RHSA-2026:4464
reference_id	RHSA-2026:4464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4464

153

reference_url	https://access.redhat.com/errata/RHSA-2026:4466
reference_id	RHSA-2026:4466
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4466

154

reference_url	https://access.redhat.com/errata/RHSA-2026:4467
reference_id	RHSA-2026:4467
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4467

155

reference_url	https://access.redhat.com/errata/RHSA-2026:4498
reference_id	RHSA-2026:4498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4498

156

reference_url	https://access.redhat.com/errata/RHSA-2026:4500
reference_id	RHSA-2026:4500
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4500

157

reference_url	https://access.redhat.com/errata/RHSA-2026:4510
reference_id	RHSA-2026:4510
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4510

158

reference_url	https://access.redhat.com/errata/RHSA-2026:4753
reference_id	RHSA-2026:4753
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4753

159

reference_url	https://access.redhat.com/errata/RHSA-2026:4892
reference_id	RHSA-2026:4892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4892

160

reference_url	https://access.redhat.com/errata/RHSA-2026:4901
reference_id	RHSA-2026:4901
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4901

161

reference_url	https://access.redhat.com/errata/RHSA-2026:4907
reference_id	RHSA-2026:4907
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4907

162

reference_url	https://access.redhat.com/errata/RHSA-2026:4936
reference_id	RHSA-2026:4936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4936

163

reference_url	https://access.redhat.com/errata/RHSA-2026:4939
reference_id	RHSA-2026:4939
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4939

164

reference_url	https://access.redhat.com/errata/RHSA-2026:4942
reference_id	RHSA-2026:4942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4942

165

reference_url	https://access.redhat.com/errata/RHSA-2026:4952
reference_id	RHSA-2026:4952
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4952

166

reference_url	https://access.redhat.com/errata/RHSA-2026:5022
reference_id	RHSA-2026:5022
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5022

167

reference_url	https://access.redhat.com/errata/RHSA-2026:5030
reference_id	RHSA-2026:5030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5030

168

reference_url	https://access.redhat.com/errata/RHSA-2026:5031
reference_id	RHSA-2026:5031
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5031

169

reference_url	https://access.redhat.com/errata/RHSA-2026:5076
reference_id	RHSA-2026:5076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5076

170

reference_url	https://access.redhat.com/errata/RHSA-2026:5077
reference_id	RHSA-2026:5077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5077

171

reference_url	https://access.redhat.com/errata/RHSA-2026:5078
reference_id	RHSA-2026:5078
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5078

172

reference_url	https://access.redhat.com/errata/RHSA-2026:5079
reference_id	RHSA-2026:5079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5079

173

reference_url	https://access.redhat.com/errata/RHSA-2026:5110
reference_id	RHSA-2026:5110
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5110

174

reference_url	https://access.redhat.com/errata/RHSA-2026:5146
reference_id	RHSA-2026:5146
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5146

175

reference_url	https://access.redhat.com/errata/RHSA-2026:5327
reference_id	RHSA-2026:5327
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5327

176

reference_url	https://access.redhat.com/errata/RHSA-2026:5394
reference_id	RHSA-2026:5394
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5394

177

reference_url	https://access.redhat.com/errata/RHSA-2026:5461
reference_id	RHSA-2026:5461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5461

178

reference_url	https://access.redhat.com/errata/RHSA-2026:5533
reference_id	RHSA-2026:5533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5533

179

reference_url	https://access.redhat.com/errata/RHSA-2026:5544
reference_id	RHSA-2026:5544
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5544

180

reference_url	https://access.redhat.com/errata/RHSA-2026:5636
reference_id	RHSA-2026:5636
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5636

181

reference_url	https://access.redhat.com/errata/RHSA-2026:5645
reference_id	RHSA-2026:5645
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5645

182

reference_url	https://access.redhat.com/errata/RHSA-2026:5807
reference_id	RHSA-2026:5807
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5807

183

reference_url	https://access.redhat.com/errata/RHSA-2026:5851
reference_id	RHSA-2026:5851
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5851

184

reference_url	https://access.redhat.com/errata/RHSA-2026:5852
reference_id	RHSA-2026:5852
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5852

185

reference_url	https://access.redhat.com/errata/RHSA-2026:5853
reference_id	RHSA-2026:5853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5853

186

reference_url	https://access.redhat.com/errata/RHSA-2026:5866
reference_id	RHSA-2026:5866
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5866

187

reference_url	https://access.redhat.com/errata/RHSA-2026:6184
reference_id	RHSA-2026:6184
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6184

188

reference_url	https://access.redhat.com/errata/RHSA-2026:6192
reference_id	RHSA-2026:6192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6192

189

reference_url	https://access.redhat.com/errata/RHSA-2026:6226
reference_id	RHSA-2026:6226
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6226

190

reference_url	https://access.redhat.com/errata/RHSA-2026:6428
reference_id	RHSA-2026:6428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6428

191

reference_url	https://access.redhat.com/errata/RHSA-2026:6568
reference_id	RHSA-2026:6568
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6568

192

reference_url	https://access.redhat.com/errata/RHSA-2026:7052
reference_id	RHSA-2026:7052
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7052

193

reference_url	https://access.redhat.com/errata/RHSA-2026:7676
reference_id	RHSA-2026:7676
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7676

194

reference_url	https://access.redhat.com/errata/RHSA-2026:7854
reference_id	RHSA-2026:7854
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7854

195

reference_url	https://access.redhat.com/errata/RHSA-2026:7942
reference_id	RHSA-2026:7942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7942

196

reference_url	https://access.redhat.com/errata/RHSA-2026:8151
reference_id	RHSA-2026:8151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8151

197

reference_url	https://access.redhat.com/errata/RHSA-2026:8167
reference_id	RHSA-2026:8167
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8167

198

reference_url	https://access.redhat.com/errata/RHSA-2026:8218
reference_id	RHSA-2026:8218
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8218

199

reference_url	https://access.redhat.com/errata/RHSA-2026:8337
reference_id	RHSA-2026:8337
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8337

200

reference_url	https://access.redhat.com/errata/RHSA-2026:8338
reference_id	RHSA-2026:8338
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8338

201

reference_url	https://access.redhat.com/errata/RHSA-2026:8433
reference_id	RHSA-2026:8433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8433

202

reference_url	https://access.redhat.com/errata/RHSA-2026:9097
reference_id	RHSA-2026:9097
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9097

203

reference_url	https://access.redhat.com/errata/RHSA-2026:9098
reference_id	RHSA-2026:9098
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9098

204

reference_url	https://access.redhat.com/errata/RHSA-2026:9108
reference_id	RHSA-2026:9108
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9108

205

reference_url	https://access.redhat.com/errata/RHSA-2026:9109
reference_id	RHSA-2026:9109
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9109

206

reference_url	https://access.redhat.com/errata/RHSA-2026:9848
reference_id	RHSA-2026:9848
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:9848

fixed_packages

aliases

CVE-2025-61729

risk_score

3.4

exploitability

0.5

weighted_severity

6.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-hay4-q9m3-ekdj

url

VCID-qb4z-jzem-myee

vulnerability_id

VCID-qb4z-jzem-myee

summary

In mistune through 2.0.2, support of inline markup is implemented by using regular expressions that can involve a high amount of backtracking on certain edge cases. This behavior is commonly named catastrophic backtracking.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34749.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34749.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-34749

reference_id

reference_type

scores

value	0.00521
scoring_system	epss
scoring_elements	0.66879
published_at	2026-04-21T12:55:00Z

value	0.00521
scoring_system	epss
scoring_elements	0.66896
published_at	2026-04-18T12:55:00Z

value	0.00521
scoring_system	epss
scoring_elements	0.6684
published_at	2026-04-04T12:55:00Z

value	0.00521
scoring_system	epss
scoring_elements	0.66849
published_at	2026-04-13T12:55:00Z

value	0.00521
scoring_system	epss
scoring_elements	0.66882
published_at	2026-04-16T12:55:00Z

value	0.00521
scoring_system	epss
scoring_elements	0.66895
published_at	2026-04-11T12:55:00Z

value	0.00521
scoring_system	epss
scoring_elements	0.66876
published_at	2026-04-09T12:55:00Z

value	0.00521
scoring_system	epss
scoring_elements	0.66862
published_at	2026-04-08T12:55:00Z

value	0.00521
scoring_system	epss
scoring_elements	0.66813
published_at	2026-04-07T12:55:00Z

value	0.00521
scoring_system	epss
scoring_elements	0.66815
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-34749

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34749
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34749

reference_url

https://github.com/advisories/GHSA-fw3v-x4f2-v673

reference_id

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-fw3v-x4f2-v673

reference_url

https://github.com/lepture/mistune

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/lepture/mistune

reference_url

https://github.com/lepture/mistune/commit/a6d43215132fe4f3d93f8d7e90ba83b16a0838b2

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/lepture/mistune/commit/a6d43215132fe4f3d93f8d7e90ba83b16a0838b2

reference_url

https://github.com/lepture/mistune/commit/ca1e7b506850f4e488823fc7338b49a8f9852718

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/lepture/mistune/commit/ca1e7b506850f4e488823fc7338b49a8f9852718

reference_url

https://github.com/lepture/mistune/issues/314#issuecomment-1223972386

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/lepture/mistune/issues/314#issuecomment-1223972386

reference_url

https://github.com/lepture/mistune/releases

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/lepture/mistune/releases

reference_url

https://github.com/pypa/advisory-database/tree/main/vulns/mistune/PYSEC-2022-237.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/pypa/advisory-database/tree/main/vulns/mistune/PYSEC-2022-237.yaml

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TQHXITQ2DSBYOILKHXBSBB7PFBPZHF63

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TQHXITQ2DSBYOILKHXBSBB7PFBPZHF63

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2022-34749

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

value	8.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2022-34749

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016089
reference_id	1016089
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016089

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2112230
reference_id	2112230
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2112230

reference_url	https://access.redhat.com/errata/RHSA-2026:2711
reference_id	RHSA-2026:2711
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2711

reference_url	https://access.redhat.com/errata/RHSA-2026:2737
reference_id	RHSA-2026:2737
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2737

fixed_packages

aliases

CVE-2022-34749, GHSA-fw3v-x4f2-v673, PYSEC-2022-237

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-qb4z-jzem-myee

url

VCID-qp47-aewx-wufh

vulnerability_id

VCID-qp47-aewx-wufh

summary

Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations
### Summary

Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by `ParseWithClaims` return both error codes. If users only check for the `jwt.ErrTokenExpired ` using `error.Is`, they will ignore the embedded `jwt.ErrTokenSignatureInvalid` and thus potentially accept invalid tokens.

### Fix

We have back-ported the error handling logic from the `v5` branch to the `v4` branch. In this logic, the `ParseWithClaims` function will immediately return in "dangerous" situations (e.g., an invalid signature), limiting the combined errors only to situations where the signature is valid, but further validation failed (e.g., if the signature is valid, but is expired AND has the wrong audience). This fix is part of the 4.5.1 release.

### Workaround 

We are aware that this changes the behaviour of an established function and is not 100 % backwards compatible, so updating to 4.5.1 might break your code. In case you cannot update to 4.5.0, please make sure that you are properly checking for all errors ("dangerous" ones first), so that you are not running in the case detailed above.

```Go
token, err := /* jwt.Parse or similar */
if token.Valid {
	fmt.Println("You look nice today")
} else if errors.Is(err, jwt.ErrTokenMalformed) {
	fmt.Println("That's not even a token")
} else if errors.Is(err, jwt.ErrTokenUnverifiable) {
	fmt.Println("We could not verify this token")
} else if errors.Is(err, jwt.ErrTokenSignatureInvalid) {
	fmt.Println("This token has an invalid signature")
} else if errors.Is(err, jwt.ErrTokenExpired) || errors.Is(err, jwt.ErrTokenNotValidYet) {
	// Token is either expired or not active yet
	fmt.Println("Timing is everything")
} else {
	fmt.Println("Couldn't handle this token:", err)
}
```

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-51744.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-51744.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-51744

reference_id

reference_type

scores

value	0.0006
scoring_system	epss
scoring_elements	0.18779
published_at	2026-04-21T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18761
published_at	2026-04-18T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18749
published_at	2026-04-16T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18799
published_at	2026-04-13T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.1885
published_at	2026-04-12T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18892
published_at	2026-04-09T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18897
published_at	2026-04-11T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18984
published_at	2026-04-02T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.19036
published_at	2026-04-04T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.1876
published_at	2026-04-07T12:55:00Z

value	0.0006
scoring_system	epss
scoring_elements	0.18841
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-51744

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/golang-jwt/jwt

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/golang-jwt/jwt

reference_url

https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-05T16:11:29Z/

url

https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c

reference_url

https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-05T16:11:29Z/

url

https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-51744

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	2.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-51744

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086792
reference_id	1086792
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086792

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2323735
reference_id	2323735
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2323735

reference_url	https://access.redhat.com/errata/RHSA-2025:11351
reference_id	RHSA-2025:11351
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11351

reference_url	https://access.redhat.com/errata/RHSA-2026:2737
reference_id	RHSA-2026:2737
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2737

reference_url	https://access.redhat.com/errata/RHSA-2026:3406
reference_id	RHSA-2026:3406
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3406

fixed_packages

aliases

CVE-2024-51744, GHSA-29wx-vh33-7x7r

risk_score

1.4

exploitability

0.5

weighted_severity

2.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-qp47-aewx-wufh

url

VCID-r1ah-c6z7-vyen

vulnerability_id

VCID-r1ah-c6z7-vyen

summary

ceph: privilege escalation by unprivileged users in a ceph-fuse mounted CephFS

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52555.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52555.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-52555

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05524
published_at	2026-04-02T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05705
published_at	2026-04-21T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0562
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05591
published_at	2026-04-12T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05584
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05532
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05542
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05559
published_at	2026-04-04T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05558
published_at	2026-04-07T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05595
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-52555

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52555
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52555

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108410
reference_id	1108410
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108410

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2374412
reference_id	2374412
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2374412

reference_url

https://github.com/ceph/ceph/pull/60314

reference_id

60314

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T20:40:04Z/

url

https://github.com/ceph/ceph/pull/60314

reference_url

https://github.com/ceph/ceph/security/advisories/GHSA-89hm-qq33-2fjm

reference_id

GHSA-89hm-qq33-2fjm

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-26T20:40:04Z/

url

https://github.com/ceph/ceph/security/advisories/GHSA-89hm-qq33-2fjm

fixed_packages

aliases

CVE-2025-52555

risk_score

3.0

exploitability

0.5

weighted_severity

5.9

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-r1ah-c6z7-vyen

url

VCID-s6f3-3mxh-ekfr

vulnerability_id

VCID-s6f3-3mxh-ekfr

summary

Predictable results in nanoid generation when given non-integer values
When nanoid is called with a fractional value, there were a number of undesirable effects:

1. in browser and non-secure, the code infinite loops on while (size--)
2. in node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled
3. if the first call in node is a fractional argument, the initial buffer allocation fails with an error

Version 3.3.8 and 5.0.9 are fixed.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55565.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55565.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-55565

reference_id

reference_type

scores

value	0.00107
scoring_system	epss
scoring_elements	0.2886
published_at	2026-04-21T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.29078
published_at	2026-04-04T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28931
published_at	2026-04-16T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28907
published_at	2026-04-13T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28956
published_at	2026-04-12T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.29001
published_at	2026-04-11T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28997
published_at	2026-04-09T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28955
published_at	2026-04-08T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28887
published_at	2026-04-07T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.29028
published_at	2026-04-02T12:55:00Z

value	0.00107
scoring_system	epss
scoring_elements	0.28906
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-55565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55565

reference_url

https://github.com/ai/nanoid

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/ai/nanoid

reference_url

https://github.com/ai/nanoid/compare/3.3.7...3.3.8

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T17:19:45Z/

url

https://github.com/ai/nanoid/compare/3.3.7...3.3.8

reference_url

https://github.com/ai/nanoid/pull/510

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T17:19:45Z/

url

https://github.com/ai/nanoid/pull/510

reference_url

https://github.com/ai/nanoid/releases/tag/5.0.9

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T17:19:45Z/

url

https://github.com/ai/nanoid/releases/tag/5.0.9

reference_url

https://lists.debian.org/debian-lts-announce/2024/12/msg00025.html

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/12/msg00025.html

reference_url

https://lists.debian.org/debian-lts-announce/2025/01/msg00006.html

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/01/msg00006.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-55565

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-55565

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2331063
reference_id	2331063
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2331063

reference_url

https://github.com/advisories/GHSA-mwcw-c2x4-8c55

reference_id

GHSA-mwcw-c2x4-8c55

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-mwcw-c2x4-8c55

reference_url	https://access.redhat.com/errata/RHSA-2024:10990
reference_id	RHSA-2024:10990
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10990

reference_url	https://access.redhat.com/errata/RHSA-2025:0079
reference_id	RHSA-2025:0079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0079

reference_url	https://access.redhat.com/errata/RHSA-2025:0082
reference_id	RHSA-2025:0082
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0082

reference_url	https://access.redhat.com/errata/RHSA-2025:0340
reference_id	RHSA-2025:0340
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0340

reference_url	https://access.redhat.com/errata/RHSA-2025:0654
reference_id	RHSA-2025:0654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0654

reference_url	https://access.redhat.com/errata/RHSA-2025:0723
reference_id	RHSA-2025:0723
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0723

reference_url	https://access.redhat.com/errata/RHSA-2025:0778
reference_id	RHSA-2025:0778
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0778

reference_url	https://access.redhat.com/errata/RHSA-2025:0785
reference_id	RHSA-2025:0785
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0785

reference_url	https://access.redhat.com/errata/RHSA-2025:0851
reference_id	RHSA-2025:0851
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0851

reference_url	https://access.redhat.com/errata/RHSA-2025:0875
reference_id	RHSA-2025:0875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0875

reference_url	https://access.redhat.com/errata/RHSA-2025:0892
reference_id	RHSA-2025:0892
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0892

reference_url	https://access.redhat.com/errata/RHSA-2025:1051
reference_id	RHSA-2025:1051
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1051

reference_url	https://access.redhat.com/errata/RHSA-2025:1448
reference_id	RHSA-2025:1448
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1448

reference_url	https://access.redhat.com/errata/RHSA-2025:2652
reference_id	RHSA-2025:2652
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2652

reference_url	https://access.redhat.com/errata/RHSA-2025:3368
reference_id	RHSA-2025:3368
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3368

reference_url	https://access.redhat.com/errata/RHSA-2025:3374
reference_id	RHSA-2025:3374
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3374

reference_url	https://access.redhat.com/errata/RHSA-2025:3397
reference_id	RHSA-2025:3397
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3397

reference_url	https://access.redhat.com/errata/RHSA-2026:2737
reference_id	RHSA-2026:2737
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2737

reference_url	https://access.redhat.com/errata/RHSA-2026:3406
reference_id	RHSA-2026:3406
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3406

fixed_packages

aliases

CVE-2024-55565, GHSA-mwcw-c2x4-8c55

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-s6f3-3mxh-ekfr

url

VCID-sty6-gwh1-hbcy

vulnerability_id

VCID-sty6-gwh1-hbcy

summary

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47913.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47913.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-47913

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01899
published_at	2026-04-21T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02274
published_at	2026-04-11T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02031
published_at	2026-04-18T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02017
published_at	2026-04-16T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02039
published_at	2026-04-13T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02044
published_at	2026-04-12T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11781
published_at	2026-04-02T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11824
published_at	2026-04-04T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11611
published_at	2026-04-07T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11696
published_at	2026-04-08T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11751
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-47913

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47913
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47913

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2414943
reference_id	2414943
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2414943

reference_url

https://go.dev/cl/700295

reference_id

700295

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:47:44Z/

url

https://go.dev/cl/700295

reference_url

https://go.dev/issue/75178

reference_id

75178

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:47:44Z/

url

https://go.dev/issue/75178

reference_url

https://github.com/advisories/GHSA-56w8-48fp-6mgv

reference_id

GHSA-56w8-48fp-6mgv

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:47:44Z/

url

https://github.com/advisories/GHSA-56w8-48fp-6mgv

reference_url

https://pkg.go.dev/vuln/GO-2025-4116

reference_id

GO-2025-4116

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-13T21:47:44Z/

url

https://pkg.go.dev/vuln/GO-2025-4116

reference_url	https://access.redhat.com/errata/RHSA-2025:22743
reference_id	RHSA-2025:22743
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22743

reference_url	https://access.redhat.com/errata/RHSA-2025:22955
reference_id	RHSA-2025:22955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22955

reference_url	https://access.redhat.com/errata/RHSA-2025:23028
reference_id	RHSA-2025:23028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23028

reference_url	https://access.redhat.com/errata/RHSA-2025:23059
reference_id	RHSA-2025:23059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23059

reference_url	https://access.redhat.com/errata/RHSA-2025:23060
reference_id	RHSA-2025:23060
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23060

reference_url	https://access.redhat.com/errata/RHSA-2025:23061
reference_id	RHSA-2025:23061
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23061

reference_url	https://access.redhat.com/errata/RHSA-2025:23064
reference_id	RHSA-2025:23064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23064

reference_url	https://access.redhat.com/errata/RHSA-2025:23176
reference_id	RHSA-2025:23176
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23176

reference_url	https://access.redhat.com/errata/RHSA-2025:23531
reference_id	RHSA-2025:23531
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23531

reference_url	https://access.redhat.com/errata/RHSA-2025:23546
reference_id	RHSA-2025:23546
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23546

reference_url	https://access.redhat.com/errata/RHSA-2026:0436
reference_id	RHSA-2026:0436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0436

reference_url	https://access.redhat.com/errata/RHSA-2026:0437
reference_id	RHSA-2026:0437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0437

reference_url	https://access.redhat.com/errata/RHSA-2026:0470
reference_id	RHSA-2026:0470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0470

reference_url	https://access.redhat.com/errata/RHSA-2026:0527
reference_id	RHSA-2026:0527
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0527

reference_url	https://access.redhat.com/errata/RHSA-2026:0545
reference_id	RHSA-2026:0545
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0545

reference_url	https://access.redhat.com/errata/RHSA-2026:0753
reference_id	RHSA-2026:0753
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0753

reference_url	https://access.redhat.com/errata/RHSA-2026:1018
reference_id	RHSA-2026:1018
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1018

reference_url	https://access.redhat.com/errata/RHSA-2026:1084
reference_id	RHSA-2026:1084
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1084

reference_url	https://access.redhat.com/errata/RHSA-2026:1942
reference_id	RHSA-2026:1942
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:1942

reference_url	https://access.redhat.com/errata/RHSA-2026:2136
reference_id	RHSA-2026:2136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2136

reference_url	https://access.redhat.com/errata/RHSA-2026:2454
reference_id	RHSA-2026:2454
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2454

reference_url	https://access.redhat.com/errata/RHSA-2026:2737
reference_id	RHSA-2026:2737
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2737

reference_url	https://access.redhat.com/errata/RHSA-2026:2922
reference_id	RHSA-2026:2922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2922

reference_url	https://access.redhat.com/errata/RHSA-2026:3122
reference_id	RHSA-2026:3122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3122

reference_url	https://access.redhat.com/errata/RHSA-2026:3827
reference_id	RHSA-2026:3827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3827

reference_url	https://access.redhat.com/errata/RHSA-2026:4215
reference_id	RHSA-2026:4215
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4215

reference_url	https://access.redhat.com/errata/RHSA-2026:4532
reference_id	RHSA-2026:4532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4532

reference_url	https://access.redhat.com/errata/RHSA-2026:4693
reference_id	RHSA-2026:4693
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:4693

reference_url	https://access.redhat.com/errata/RHSA-2026:5167
reference_id	RHSA-2026:5167
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5167

reference_url	https://access.redhat.com/errata/RHSA-2026:5222
reference_id	RHSA-2026:5222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:5222

reference_url	https://access.redhat.com/errata/RHSA-2026:6503
reference_id	RHSA-2026:6503
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6503

reference_url	https://access.redhat.com/errata/RHSA-2026:8325
reference_id	RHSA-2026:8325
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8325

fixed_packages

aliases

CVE-2025-47913

risk_score

3.4

exploitability

0.5

weighted_severity

6.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-sty6-gwh1-hbcy

url

VCID-vzq7-t235-ukd5

vulnerability_id

VCID-vzq7-t235-ukd5

summary

DOMPurify allows Cross-site Scripting (XSS)
DOMPurify before 3.2.4 has an incorrect template literal regular expression when SAFE_FOR_TEMPLATES is set to true, sometimes leading to mutation cross-site scripting (mXSS).

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26791.json

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26791.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-26791

reference_id

reference_type

scores

value	0.00095
scoring_system	epss
scoring_elements	0.26497
published_at	2026-04-08T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26426
published_at	2026-04-18T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26455
published_at	2026-04-16T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26449
published_at	2026-04-13T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26427
published_at	2026-04-07T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26552
published_at	2026-04-11T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26546
published_at	2026-04-09T12:55:00Z

value	0.00095
scoring_system	epss
scoring_elements	0.26506
published_at	2026-04-12T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26935
published_at	2026-04-21T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37796
published_at	2026-04-04T12:55:00Z

value	0.00166
scoring_system	epss
scoring_elements	0.37771
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-26791

reference_url

https://ensy.zip/posts/dompurify-323-bypass

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://ensy.zip/posts/dompurify-323-bypass

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/cure53/DOMPurify

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/cure53/DOMPurify

reference_url

https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:30:30Z/

url

https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02

reference_url

https://github.com/cure53/DOMPurify/releases/tag/3.2.4

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:30:30Z/

url

https://github.com/cure53/DOMPurify/releases/tag/3.2.4

reference_url

https://nsysean.github.io/posts/dompurify-323-bypass

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nsysean.github.io/posts/dompurify-323-bypass

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-26791

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-26791

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098325
reference_id	1098325
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098325

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2345695
reference_id	2345695
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2345695

reference_url

https://ensy.zip/posts/dompurify-323-bypass/

reference_id

dompurify-323-bypass

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:30:30Z/

url

https://ensy.zip/posts/dompurify-323-bypass/

reference_url

https://nsysean.github.io/posts/dompurify-323-bypass/

reference_id

dompurify-323-bypass

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:30:30Z/

url

https://nsysean.github.io/posts/dompurify-323-bypass/

reference_url

https://github.com/advisories/GHSA-vhxf-7vqr-mrjg

reference_id

GHSA-vhxf-7vqr-mrjg

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vhxf-7vqr-mrjg

reference_url	https://access.redhat.com/errata/RHSA-2025:10020
reference_id	RHSA-2025:10020
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10020

reference_url	https://access.redhat.com/errata/RHSA-2025:1875
reference_id	RHSA-2025:1875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:1875

reference_url	https://access.redhat.com/errata/RHSA-2025:2518
reference_id	RHSA-2025:2518
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:2518

reference_url	https://access.redhat.com/errata/RHSA-2025:3368
reference_id	RHSA-2025:3368
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3368

reference_url	https://access.redhat.com/errata/RHSA-2025:3397
reference_id	RHSA-2025:3397
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3397

reference_url	https://access.redhat.com/errata/RHSA-2025:3886
reference_id	RHSA-2025:3886
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:3886

reference_url	https://access.redhat.com/errata/RHSA-2025:7626
reference_id	RHSA-2025:7626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:7626

reference_url	https://access.redhat.com/errata/RHSA-2026:2737
reference_id	RHSA-2026:2737
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:2737

reference_url	https://access.redhat.com/errata/RHSA-2026:3406
reference_id	RHSA-2026:3406
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3406

fixed_packages

aliases

CVE-2025-26791, GHSA-vhxf-7vqr-mrjg

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-vzq7-t235-ukd5

Fixing_vulnerabilities

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ceph@2:18.2.1-381%3Farch=el8cp

Package Instance