Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/lxc@1:5.0.2-1?distro=trixie
Typedeb
Namespacedebian
Namelxc
Version1:5.0.2-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1:5.0.2-1+deb12u3
Latest_non_vulnerable_version1:6.0.6-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-xq22-fmtf-8yhs
vulnerability_id VCID-xq22-fmtf-8yhs
summary lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates that a file exists. NOTE: this is different from CVE-2018-6556 because the CVE-2018-6556 fix design was based on the premise that "we will report back to the user that the open() failed but the user has no way of knowing why it failed"; however, in many realistic cases, there are no plausible reasons for failing except that the file does not exist.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-47952
reference_id
reference_type
scores
0
value 0.01699
scoring_system epss
scoring_elements 0.82243
published_at 2026-04-07T12:55:00Z
1
value 0.01699
scoring_system epss
scoring_elements 0.82228
published_at 2026-04-02T12:55:00Z
2
value 0.01699
scoring_system epss
scoring_elements 0.82277
published_at 2026-04-09T12:55:00Z
3
value 0.01699
scoring_system epss
scoring_elements 0.8227
published_at 2026-04-08T12:55:00Z
4
value 0.01699
scoring_system epss
scoring_elements 0.82248
published_at 2026-04-04T12:55:00Z
5
value 0.01699
scoring_system epss
scoring_elements 0.82322
published_at 2026-04-21T12:55:00Z
6
value 0.01699
scoring_system epss
scoring_elements 0.8232
published_at 2026-04-18T12:55:00Z
7
value 0.01699
scoring_system epss
scoring_elements 0.82285
published_at 2026-04-13T12:55:00Z
8
value 0.01699
scoring_system epss
scoring_elements 0.82291
published_at 2026-04-12T12:55:00Z
9
value 0.01699
scoring_system epss
scoring_elements 0.82297
published_at 2026-04-11T12:55:00Z
10
value 0.02316
scoring_system epss
scoring_elements 0.84832
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-47952
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47952
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47952
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591/comments/45
reference_id 45
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:15:58Z/
url https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591/comments/45
4
reference_url https://github.com/MaherAzzouzi/CVE-2022-47952
reference_id CVE-2022-47952
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:15:58Z/
url https://github.com/MaherAzzouzi/CVE-2022-47952
5
reference_url https://github.com/lxc/lxc/blob/0b83d71c2c8f3bac9503f894cd84584f79258bb3/lxc.spec.in#L274
reference_id lxc.spec.in#L274
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:15:58Z/
url https://github.com/lxc/lxc/blob/0b83d71c2c8f3bac9503f894cd84584f79258bb3/lxc.spec.in#L274
6
reference_url https://github.com/lxc/lxc/blob/0b83d71c2c8f3bac9503f894cd84584f79258bb3/src/lxc/cmd/lxc_user_nic.c#L1085-L1104
reference_id lxc_user_nic.c#L1085-L1104
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:15:58Z/
url https://github.com/lxc/lxc/blob/0b83d71c2c8f3bac9503f894cd84584f79258bb3/src/lxc/cmd/lxc_user_nic.c#L1085-L1104
7
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00025.html
reference_id msg00025.html
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T19:15:58Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00025.html
fixed_packages
0
url pkg:deb/debian/lxc@1:4.0.6-2%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/lxc@1:4.0.6-2%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lxc@1:4.0.6-2%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/lxc@1:5.0.2-1?distro=trixie
purl pkg:deb/debian/lxc@1:5.0.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lxc@1:5.0.2-1%3Fdistro=trixie
2
url pkg:deb/debian/lxc@1:5.0.2-1%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/lxc@1:5.0.2-1%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lxc@1:5.0.2-1%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/lxc@1:6.0.4-4%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/lxc@1:6.0.4-4%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lxc@1:6.0.4-4%252Bdeb13u2%3Fdistro=trixie
4
url pkg:deb/debian/lxc@1:6.0.6-1?distro=trixie
purl pkg:deb/debian/lxc@1:6.0.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lxc@1:6.0.6-1%3Fdistro=trixie
5
url pkg:deb/debian/lxc@1:6.0.6-2?distro=trixie
purl pkg:deb/debian/lxc@1:6.0.6-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lxc@1:6.0.6-2%3Fdistro=trixie
aliases CVE-2022-47952
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xq22-fmtf-8yhs
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/lxc@1:5.0.2-1%3Fdistro=trixie