Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libpod@0?distro=bullseye
Typedeb
Namespacedebian
Namelibpod
Version0
Qualifiers
distro bullseye
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.6.4+dfsg1-3
Latest_non_vulnerable_version4.3.1+ds1-8+deb12u1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3zm9-mtqp-5qdt
vulnerability_id VCID-3zm9-mtqp-5qdt
summary 
Podman Path Traversal Vulnerability leads to arbitrary file read/write
A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10152.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10152.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10152
reference_id
reference_type
scores
0
value 0.00357
scoring_system epss
scoring_elements 0.58029
published_at 2026-04-18T12:55:00Z
1
value 0.00357
scoring_system epss
scoring_elements 0.57888
published_at 2026-04-01T12:55:00Z
2
value 0.00357
scoring_system epss
scoring_elements 0.57972
published_at 2026-04-02T12:55:00Z
3
value 0.00357
scoring_system epss
scoring_elements 0.57991
published_at 2026-04-04T12:55:00Z
4
value 0.00357
scoring_system epss
scoring_elements 0.57967
published_at 2026-04-07T12:55:00Z
5
value 0.00357
scoring_system epss
scoring_elements 0.58023
published_at 2026-04-08T12:55:00Z
6
value 0.00357
scoring_system epss
scoring_elements 0.58025
published_at 2026-04-09T12:55:00Z
7
value 0.00357
scoring_system epss
scoring_elements 0.58042
published_at 2026-04-11T12:55:00Z
8
value 0.00357
scoring_system epss
scoring_elements 0.5802
published_at 2026-04-12T12:55:00Z
9
value 0.00357
scoring_system epss
scoring_elements 0.58
published_at 2026-04-13T12:55:00Z
10
value 0.00357
scoring_system epss
scoring_elements 0.5803
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10152
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10152
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10152
4
reference_url https://github.com/containers/libpod
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/libpod
5
reference_url https://github.com/containers/libpod/blob/master/RELEASE_NOTES.md#140
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/libpod/blob/master/RELEASE_NOTES.md#140
6
reference_url https://github.com/containers/libpod/issues/3211
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/libpod/issues/3211
7
reference_url https://github.com/containers/libpod/pull/3214
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/libpod/pull/3214
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10152
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10152
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1715667
reference_id 1715667
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1715667
10
reference_url https://access.redhat.com/errata/RHSA-2019:1907
reference_id RHSA-2019:1907
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:1907
fixed_packages
0
url pkg:deb/debian/libpod@0?distro=bullseye
purl pkg:deb/debian/libpod@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@0%3Fdistro=bullseye
1
url pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@3.0.1%252Bdfsg1-3%252Bdeb11u5%3Fdistro=bullseye
2
url pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
purl pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@4.3.1%252Bds1-8%252Bdeb12u1%3Fdistro=bullseye
aliases CVE-2019-10152, GHSA-rh5f-2w6r-q7vj
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3zm9-mtqp-5qdt
1
url VCID-75hs-t8bs-23e9
vulnerability_id VCID-75hs-t8bs-23e9
summary 
Podman Symlink Vulnerability
An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the container to the host, because an undesired glob operation occurs. An attacker could create a container image containing particular symlinks that, when copied by a victim user to the host filesystem, may overwrite existing files with others from the host.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00040.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00040.html
1
reference_url https://access.redhat.com/errata/RHSA-2019:4269
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:4269
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18466.json
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18466.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18466
reference_id
reference_type
scores
0
value 0.00839
scoring_system epss
scoring_elements 0.74735
published_at 2026-04-18T12:55:00Z
1
value 0.00839
scoring_system epss
scoring_elements 0.74644
published_at 2026-04-01T12:55:00Z
2
value 0.00839
scoring_system epss
scoring_elements 0.74648
published_at 2026-04-02T12:55:00Z
3
value 0.00839
scoring_system epss
scoring_elements 0.74674
published_at 2026-04-04T12:55:00Z
4
value 0.00839
scoring_system epss
scoring_elements 0.74649
published_at 2026-04-07T12:55:00Z
5
value 0.00839
scoring_system epss
scoring_elements 0.74681
published_at 2026-04-08T12:55:00Z
6
value 0.00839
scoring_system epss
scoring_elements 0.74695
published_at 2026-04-09T12:55:00Z
7
value 0.00839
scoring_system epss
scoring_elements 0.74719
published_at 2026-04-11T12:55:00Z
8
value 0.00839
scoring_system epss
scoring_elements 0.74698
published_at 2026-04-12T12:55:00Z
9
value 0.00839
scoring_system epss
scoring_elements 0.7469
published_at 2026-04-13T12:55:00Z
10
value 0.00839
scoring_system epss
scoring_elements 0.74727
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18466
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1744588
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1744588
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/containers/libpod
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/libpod
7
reference_url https://github.com/containers/libpod/commit/5c09c4d2947a759724f9d5aef6bac04317e03f7e
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/libpod/commit/5c09c4d2947a759724f9d5aef6bac04317e03f7e
8
reference_url https://github.com/containers/libpod/compare/v1.5.1...v1.6.0
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/libpod/compare/v1.5.1...v1.6.0
9
reference_url https://github.com/containers/libpod/issues/3829
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/libpod/issues/3829
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18466
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:P
1
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-18466
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libpod_project:libpod:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libpod_project:libpod:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libpod_project:libpod:*:*:*:*:*:*:*:*
12
reference_url https://access.redhat.com/errata/RHSA-2020:1227
reference_id RHSA-2020:1227
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1227
fixed_packages
0
url pkg:deb/debian/libpod@0?distro=bullseye
purl pkg:deb/debian/libpod@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@0%3Fdistro=bullseye
1
url pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@3.0.1%252Bdfsg1-3%252Bdeb11u5%3Fdistro=bullseye
2
url pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
purl pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@4.3.1%252Bds1-8%252Bdeb12u1%3Fdistro=bullseye
aliases CVE-2019-18466, GHSA-r34v-gqmw-qvgj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-75hs-t8bs-23e9
2
url VCID-artb-94uw-33c5
vulnerability_id VCID-artb-94uw-33c5
summary 
Podman Elevated Container Privileges
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2037
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2037
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10856.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10856.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10856
reference_id
reference_type
scores
0
value 0.00216
scoring_system epss
scoring_elements 0.4423
published_at 2026-04-18T12:55:00Z
1
value 0.00216
scoring_system epss
scoring_elements 0.44121
published_at 2026-04-01T12:55:00Z
2
value 0.00216
scoring_system epss
scoring_elements 0.44186
published_at 2026-04-02T12:55:00Z
3
value 0.00216
scoring_system epss
scoring_elements 0.44209
published_at 2026-04-04T12:55:00Z
4
value 0.00216
scoring_system epss
scoring_elements 0.44141
published_at 2026-04-07T12:55:00Z
5
value 0.00216
scoring_system epss
scoring_elements 0.44192
published_at 2026-04-08T12:55:00Z
6
value 0.00216
scoring_system epss
scoring_elements 0.44196
published_at 2026-04-09T12:55:00Z
7
value 0.00216
scoring_system epss
scoring_elements 0.44212
published_at 2026-04-11T12:55:00Z
8
value 0.00216
scoring_system epss
scoring_elements 0.4418
published_at 2026-04-13T12:55:00Z
9
value 0.00216
scoring_system epss
scoring_elements 0.4424
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10856
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10856
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10856
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/containers/podman
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman
6
reference_url https://github.com/projectatomic/libpod/commit/bae80a0b663925ec751ad2784ca32989403cdc24
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/projectatomic/libpod/commit/bae80a0b663925ec751ad2784ca32989403cdc24
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10856
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
5
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-10856
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1592166
reference_id 1592166
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1592166
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libpod_project:libpod:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libpod_project:libpod:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libpod_project:libpod:*:*:*:*:*:*:*:*
fixed_packages
0
url pkg:deb/debian/libpod@0?distro=bullseye
purl pkg:deb/debian/libpod@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@0%3Fdistro=bullseye
1
url pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@3.0.1%252Bdfsg1-3%252Bdeb11u5%3Fdistro=bullseye
2
url pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
purl pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@4.3.1%252Bds1-8%252Bdeb12u1%3Fdistro=bullseye
aliases CVE-2018-10856, GHSA-wp7w-vx86-vj9h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-artb-94uw-33c5
3
url VCID-gzfd-vguv-dqa1
vulnerability_id VCID-gzfd-vguv-dqa1
summary 
Podman Time-of-check Time-of-use (TOCTOU) Race Condition
A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0778.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0778.json
1
reference_url https://access.redhat.com/security/cve/CVE-2023-0778
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2023-0778
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-0778
reference_id
reference_type
scores
0
value 0.00096
scoring_system epss
scoring_elements 0.26587
published_at 2026-04-11T12:55:00Z
1
value 0.00096
scoring_system epss
scoring_elements 0.26581
published_at 2026-04-09T12:55:00Z
2
value 0.00096
scoring_system epss
scoring_elements 0.26532
published_at 2026-04-08T12:55:00Z
3
value 0.00096
scoring_system epss
scoring_elements 0.26463
published_at 2026-04-07T12:55:00Z
4
value 0.00096
scoring_system epss
scoring_elements 0.26634
published_at 2026-04-02T12:55:00Z
5
value 0.00096
scoring_system epss
scoring_elements 0.26484
published_at 2026-04-13T12:55:00Z
6
value 0.00096
scoring_system epss
scoring_elements 0.26542
published_at 2026-04-12T12:55:00Z
7
value 0.00096
scoring_system epss
scoring_elements 0.26678
published_at 2026-04-04T12:55:00Z
8
value 0.00111
scoring_system epss
scoring_elements 0.29514
published_at 2026-04-18T12:55:00Z
9
value 0.00111
scoring_system epss
scoring_elements 0.29541
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-0778
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2168256
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T17:25:23Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2168256
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/containers/podman
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman
6
reference_url https://github.com/containers/podman/commit/6ca857feb07a5fdc96fd947afef03916291673d8
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman/commit/6ca857feb07a5fdc96fd947afef03916291673d8
7
reference_url https://github.com/containers/podman/pull/17528
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman/pull/17528
8
reference_url https://github.com/containers/podman/pull/17532
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman/pull/17532
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-0778
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-0778
10
reference_url https://pkg.go.dev/vuln/GO-2023-1681
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2023-1681
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032099
reference_id 1032099
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032099
12
reference_url https://security.gentoo.org/glsa/202407-12
reference_id GLSA-202407-12
reference_type
scores
url https://security.gentoo.org/glsa/202407-12
13
reference_url https://access.redhat.com/errata/RHSA-2023:1325
reference_id RHSA-2023:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1325
14
reference_url https://access.redhat.com/errata/RHSA-2023:2758
reference_id RHSA-2023:2758
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2758
15
reference_url https://access.redhat.com/errata/RHSA-2023:2802
reference_id RHSA-2023:2802
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2802
fixed_packages
0
url pkg:deb/debian/libpod@0?distro=bullseye
purl pkg:deb/debian/libpod@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@0%3Fdistro=bullseye
1
url pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@3.0.1%252Bdfsg1-3%252Bdeb11u5%3Fdistro=bullseye
2
url pkg:deb/debian/libpod@4.3.1%2Bds1-7?distro=bullseye
purl pkg:deb/debian/libpod@4.3.1%2Bds1-7?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@4.3.1%252Bds1-7%3Fdistro=bullseye
3
url pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
purl pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@4.3.1%252Bds1-8%252Bdeb12u1%3Fdistro=bullseye
aliases CVE-2023-0778, GHSA-qwqv-rqgf-8qh8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gzfd-vguv-dqa1
4
url VCID-mzjw-b6mh-nugs
vulnerability_id VCID-mzjw-b6mh-nugs
summary 
Exposure of Sensitive Information to an Unauthorized Actor and Origin Validation Error in podman
A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host's services by forwarding all ports to the VM.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4024.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4024.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-4024
reference_id
reference_type
scores
0
value 0.00095
scoring_system epss
scoring_elements 0.26419
published_at 2026-04-18T12:55:00Z
1
value 0.00095
scoring_system epss
scoring_elements 0.26449
published_at 2026-04-16T12:55:00Z
2
value 0.00095
scoring_system epss
scoring_elements 0.26636
published_at 2026-04-04T12:55:00Z
3
value 0.00095
scoring_system epss
scoring_elements 0.26541
published_at 2026-04-01T12:55:00Z
4
value 0.00095
scoring_system epss
scoring_elements 0.2649
published_at 2026-04-08T12:55:00Z
5
value 0.00095
scoring_system epss
scoring_elements 0.26592
published_at 2026-04-02T12:55:00Z
6
value 0.00095
scoring_system epss
scoring_elements 0.26421
published_at 2026-04-07T12:55:00Z
7
value 0.00095
scoring_system epss
scoring_elements 0.26442
published_at 2026-04-13T12:55:00Z
8
value 0.00095
scoring_system epss
scoring_elements 0.26499
published_at 2026-04-12T12:55:00Z
9
value 0.00095
scoring_system epss
scoring_elements 0.26546
published_at 2026-04-11T12:55:00Z
10
value 0.00095
scoring_system epss
scoring_elements 0.26539
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-4024
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2026675,
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2026675,
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/containers/podman
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman
5
reference_url https://github.com/containers/podman/releases/tag/v3.4.3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman/releases/tag/v3.4.3
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QFFVJ6S3ZRMPDYB7KYAWEMDHXFZYQPU3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QFFVJ6S3ZRMPDYB7KYAWEMDHXFZYQPU3
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-4024
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-4024
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000844
reference_id 1000844
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000844
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2026675
reference_id 2026675
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2026675
10
reference_url https://security.archlinux.org/AVG-2591
reference_id AVG-2591
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2591
11
reference_url https://security.gentoo.org/glsa/202407-12
reference_id GLSA-202407-12
reference_type
scores
url https://security.gentoo.org/glsa/202407-12
12
reference_url https://access.redhat.com/errata/RHSA-2022:7954
reference_id RHSA-2022:7954
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7954
13
reference_url https://access.redhat.com/errata/RHSA-2024:10289
reference_id RHSA-2024:10289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10289
fixed_packages
0
url pkg:deb/debian/libpod@0?distro=bullseye
purl pkg:deb/debian/libpod@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@0%3Fdistro=bullseye
1
url pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@3.0.1%252Bdfsg1-3%252Bdeb11u5%3Fdistro=bullseye
2
url pkg:deb/debian/libpod@3.4.3%2Bds1-1?distro=bullseye
purl pkg:deb/debian/libpod@3.4.3%2Bds1-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@3.4.3%252Bds1-1%3Fdistro=bullseye
3
url pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
purl pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@4.3.1%252Bds1-8%252Bdeb12u1%3Fdistro=bullseye
aliases CVE-2021-4024, GHSA-3cf2-x423-x582
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mzjw-b6mh-nugs
5
url VCID-tuub-p4f4-nqer
vulnerability_id VCID-tuub-p4f4-nqer
summary 
Podman Improper Certificate Validation; machine missing TLS verification
### Impact
The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry (which it does by default since 5.0.0) allowing a possible Man In The Middle attack.

### Patches
https://github.com/containers/podman/commit/726b506acc8a00d99f1a3a1357ecf619a1f798c3
Fixed in v5.5.2

### Workarounds
Download the disk image manually via some other tool that verifies the TLS connection. Then pass the local image as file path (podman machine init --image ./somepath)
references
0
reference_url https://access.redhat.com/errata/RHSA-2025:10295
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:10295
1
reference_url https://access.redhat.com/errata/RHSA-2025:10549
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:10549
2
reference_url https://access.redhat.com/errata/RHSA-2025:10550
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:10550
3
reference_url https://access.redhat.com/errata/RHSA-2025:10551
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:10551
4
reference_url https://access.redhat.com/errata/RHSA-2025:10668
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:10668
5
reference_url https://access.redhat.com/errata/RHSA-2025:11359
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:11359
6
reference_url https://access.redhat.com/errata/RHSA-2025:11363
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:11363
7
reference_url https://access.redhat.com/errata/RHSA-2025:11677
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:11677
8
reference_url https://access.redhat.com/errata/RHSA-2025:11681
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:11681
9
reference_url https://access.redhat.com/errata/RHSA-2025:15397
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:15397
10
reference_url https://access.redhat.com/errata/RHSA-2025:9726
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:9726
11
reference_url https://access.redhat.com/errata/RHSA-2025:9751
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:9751
12
reference_url https://access.redhat.com/errata/RHSA-2025:9766
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/errata/RHSA-2025:9766
13
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6032.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6032.json
14
reference_url https://access.redhat.com/security/cve/CVE-2025-6032
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://access.redhat.com/security/cve/CVE-2025-6032
15
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-6032
reference_id
reference_type
scores
0
value 0.00069
scoring_system epss
scoring_elements 0.2134
published_at 2026-04-04T12:55:00Z
1
value 0.00069
scoring_system epss
scoring_elements 0.21287
published_at 2026-04-02T12:55:00Z
2
value 0.00069
scoring_system epss
scoring_elements 0.21093
published_at 2026-04-07T12:55:00Z
3
value 0.00069
scoring_system epss
scoring_elements 0.21173
published_at 2026-04-08T12:55:00Z
4
value 0.00069
scoring_system epss
scoring_elements 0.21233
published_at 2026-04-09T12:55:00Z
5
value 0.00075
scoring_system epss
scoring_elements 0.22513
published_at 2026-04-16T12:55:00Z
6
value 0.00075
scoring_system epss
scoring_elements 0.22552
published_at 2026-04-12T12:55:00Z
7
value 0.00075
scoring_system epss
scoring_elements 0.22592
published_at 2026-04-11T12:55:00Z
8
value 0.00075
scoring_system epss
scoring_elements 0.22508
published_at 2026-04-18T12:55:00Z
9
value 0.00075
scoring_system epss
scoring_elements 0.22498
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-6032
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2372501
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2372501
17
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
18
reference_url https://github.com/containers/podman
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman
19
reference_url https://github.com/containers/podman/commit/726b506acc8a00d99f1a3a1357ecf619a1f798c3
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://github.com/containers/podman/commit/726b506acc8a00d99f1a3a1357ecf619a1f798c3
20
reference_url https://github.com/containers/podman/security/advisories/GHSA-65gg-3w2w-hr4h
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-24T14:11:17Z/
url https://github.com/containers/podman/security/advisories/GHSA-65gg-3w2w-hr4h
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-6032
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-6032
22
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108473
reference_id 1108473
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108473
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id cpe:/a:redhat:openshift:4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el8
reference_id cpe:/a:redhat:openshift:4.16::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el8
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el8
reference_id cpe:/a:redhat:openshift:4.17::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el8
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
reference_id cpe:/a:redhat:openshift:4.17::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el8
reference_id cpe:/a:redhat:openshift:4.18::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el8
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
reference_id cpe:/a:redhat:openshift:4.18::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9
reference_id cpe:/a:redhat:openshift:4.19::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9
reference_id cpe:/a:redhat:openshift:4.20::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
fixed_packages
0
url pkg:deb/debian/libpod@0?distro=bullseye
purl pkg:deb/debian/libpod@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@0%3Fdistro=bullseye
1
url pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
purl pkg:deb/debian/libpod@3.0.1%2Bdfsg1-3%2Bdeb11u5?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@3.0.1%252Bdfsg1-3%252Bdeb11u5%3Fdistro=bullseye
2
url pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
purl pkg:deb/debian/libpod@4.3.1%2Bds1-8%2Bdeb12u1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@4.3.1%252Bds1-8%252Bdeb12u1%3Fdistro=bullseye
aliases CVE-2025-6032, GHSA-65gg-3w2w-hr4h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tuub-p4f4-nqer
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libpod@0%3Fdistro=bullseye