Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/podman@4:4.9.4-5.1.rhaos4.16?arch=el8

Type rpm

Namespace redhat

Name podman

Version 4:4.9.4-5.1.rhaos4.16

Qualifiers

arch	el8

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url

VCID-1rpd-33se-hkex

vulnerability_id

VCID-1rpd-33se-hkex

summary

jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext
A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the [support for decompressing plaintext after its decryption](https://www.rfc-editor.org/rfc/rfc7516.html#section-4.1.3). This allows an adversary to exploit specific scenarios where the compression ratio becomes exceptionally high. As a result, the length of the JWE token, which is determined by the compressed content's size, can land below application-defined limits. In such cases, other existing application level mechanisms for preventing resource exhaustion may be rendered ineffective.

Note that as per [RFC 8725](https://www.rfc-editor.org/rfc/rfc8725.html#name-avoid-compression-of-encryp) compression of data SHOULD NOT be done before encryption, because such compressed data often reveals information about the plaintext. For this reason the v5.x major version of `jose` removed support for compressed payloads entirely and is therefore NOT affected by this advisory.

### Impact

Under certain conditions it is possible to have the user's environment consume unreasonable amount of CPU time or memory during JWE Decryption operations.

### Affected users

The impact is limited only to Node.js users utilizing the JWE decryption APIs to decrypt JWEs from untrusted sources.

You are NOT affected if any of the following applies to you

- Your code uses jose version v5.x where JWE Compression is not supported anymore
- Your code runs in an environment other than Node.js (e.g. Deno, CF Workers), which is the only runtime where JWE Compression is implemented out of the box
- Your code does not use the JWE decryption APIs
- Your code only accepts JWEs produced by trusted sources

### Patches

`v2.0.7` and `v4.15.5` releases limit the decompression routine to only allow decompressing up to 250 kB of plaintext. In v4.x it is possible to further adjust this limit via the `inflateRaw` decryption option implementation. In v2.x it is possible to further adjust this limit via the `inflateRawSyncLimit` decryption option.

### Workarounds

If you cannot upgrade and do not want to support compressed JWEs you may detect and reject these tokens early by checking the token's protected header

```js
const { zip } = jose.decodeProtectedHeader(token)
if (zip !== undefined) {
  throw new Error('JWE Compression is not supported')
}
```

If you wish to continue supporting JWEs with compressed payloads in these legacy release lines you must upgrade (v1.x and v2.x to version v2.0.7, v3.x and v4.x to version v4.15.5) and review the limits put forth by the patched releases.

### For more information
If you have any questions or comments about this advisory please open a discussion in the project's [repository](https://github.com/panva/jose/discussions/new?category=q-a&title=GHSA-hhhv-q57g-882q%20advisory%20question)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28176.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28176.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-28176

reference_id

reference_type

scores

value	0.00572
scoring_system	epss
scoring_elements	0.68681
published_at	2026-04-21T12:55:00Z

value	0.00572
scoring_system	epss
scoring_elements	0.68702
published_at	2026-04-18T12:55:00Z

value	0.00572
scoring_system	epss
scoring_elements	0.68691
published_at	2026-04-16T12:55:00Z

value	0.00572
scoring_system	epss
scoring_elements	0.68602
published_at	2026-04-02T12:55:00Z

value	0.00572
scoring_system	epss
scoring_elements	0.6862
published_at	2026-04-04T12:55:00Z

value	0.00572
scoring_system	epss
scoring_elements	0.68597
published_at	2026-04-07T12:55:00Z

value	0.00572
scoring_system	epss
scoring_elements	0.68648
published_at	2026-04-13T12:55:00Z

value	0.00572
scoring_system	epss
scoring_elements	0.68666
published_at	2026-04-09T12:55:00Z

value	0.00572
scoring_system	epss
scoring_elements	0.6869
published_at	2026-04-11T12:55:00Z

value	0.00572
scoring_system	epss
scoring_elements	0.68677
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-28176

reference_url

https://github.com/panva/jose

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/panva/jose

reference_url

https://github.com/panva/jose/commit/02a65794f7873cdaf12e81e80ad076fcdc4a9314

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-11T14:26:36Z/

url

https://github.com/panva/jose/commit/02a65794f7873cdaf12e81e80ad076fcdc4a9314

reference_url

https://github.com/panva/jose/commit/1b91d88d2f8233f3477a5f4579aa5f8057b2ee8b

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-11T14:26:36Z/

url

https://github.com/panva/jose/commit/1b91d88d2f8233f3477a5f4579aa5f8057b2ee8b

reference_url

https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-11T14:26:36Z/

url

https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6MMWFBOXJA6ZCXNVPDFJ4XMK5PVG5RG

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6MMWFBOXJA6ZCXNVPDFJ4XMK5PVG5RG

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXKGNCRU7OTM5AHC7YIYBNOWI742PRMY

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXKGNCRU7OTM5AHC7YIYBNOWI742PRMY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UG5FSEYJ3GP27FZXC5YAAMMEC5XWKJHG

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UG5FSEYJ3GP27FZXC5YAAMMEC5XWKJHG

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJO2U5ACZVACNQXJ5EBRFLFW6DP5BROY

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJO2U5ACZVACNQXJ5EBRFLFW6DP5BROY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJDO5VSIAOGT2WP63AXAAWNRSVJCNCRH

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJDO5VSIAOGT2WP63AXAAWNRSVJCNCRH

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-28176

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-28176

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2268820
reference_id	2268820
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2268820

reference_url

https://github.com/advisories/GHSA-hhhv-q57g-882q

reference_id

GHSA-hhhv-q57g-882q

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-hhhv-q57g-882q

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6MMWFBOXJA6ZCXNVPDFJ4XMK5PVG5RG/

reference_id

I6MMWFBOXJA6ZCXNVPDFJ4XMK5PVG5RG

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-11T14:26:36Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6MMWFBOXJA6ZCXNVPDFJ4XMK5PVG5RG/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXKGNCRU7OTM5AHC7YIYBNOWI742PRMY/

reference_id

KXKGNCRU7OTM5AHC7YIYBNOWI742PRMY

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-11T14:26:36Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXKGNCRU7OTM5AHC7YIYBNOWI742PRMY/

reference_url	https://access.redhat.com/errata/RHSA-2024:3826
reference_id	RHSA-2024:3826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3826

reference_url	https://access.redhat.com/errata/RHSA-2024:3827
reference_id	RHSA-2024:3827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3827

reference_url	https://access.redhat.com/errata/RHSA-2024:3968
reference_id	RHSA-2024:3968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3968

reference_url	https://access.redhat.com/errata/RHSA-2024:5094
reference_id	RHSA-2024:5094
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5094

reference_url	https://access.redhat.com/errata/RHSA-2024:5294
reference_id	RHSA-2024:5294
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5294

reference_url	https://access.redhat.com/errata/RHSA-2024:6755
reference_id	RHSA-2024:6755
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6755

reference_url	https://access.redhat.com/errata/RHSA-2024:8676
reference_id	RHSA-2024:8676
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8676

reference_url	https://access.redhat.com/errata/RHSA-2024:9181
reference_id	RHSA-2024:9181
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9181

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UG5FSEYJ3GP27FZXC5YAAMMEC5XWKJHG/

reference_id

UG5FSEYJ3GP27FZXC5YAAMMEC5XWKJHG

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-11T14:26:36Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UG5FSEYJ3GP27FZXC5YAAMMEC5XWKJHG/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJO2U5ACZVACNQXJ5EBRFLFW6DP5BROY/

reference_id

UJO2U5ACZVACNQXJ5EBRFLFW6DP5BROY

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-11T14:26:36Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJO2U5ACZVACNQXJ5EBRFLFW6DP5BROY/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJDO5VSIAOGT2WP63AXAAWNRSVJCNCRH/

reference_id

XJDO5VSIAOGT2WP63AXAAWNRSVJCNCRH

reference_type

scores

value	4.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-11T14:26:36Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJDO5VSIAOGT2WP63AXAAWNRSVJCNCRH/

fixed_packages

aliases

CVE-2024-28176, GHSA-hhhv-q57g-882q

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-1rpd-33se-hkex

url

VCID-4psv-cefc-7kad

vulnerability_id

VCID-4psv-cefc-7kad

summary

Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24783.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24783.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24783

reference_id

reference_type

scores

value	0.00602
scoring_system	epss
scoring_elements	0.69569
published_at	2026-04-18T12:55:00Z

value	0.00602
scoring_system	epss
scoring_elements	0.69466
published_at	2026-04-02T12:55:00Z

value	0.00602
scoring_system	epss
scoring_elements	0.69482
published_at	2026-04-04T12:55:00Z

value	0.00602
scoring_system	epss
scoring_elements	0.69461
published_at	2026-04-07T12:55:00Z

value	0.00602
scoring_system	epss
scoring_elements	0.69512
published_at	2026-04-08T12:55:00Z

value	0.00602
scoring_system	epss
scoring_elements	0.69528
published_at	2026-04-09T12:55:00Z

value	0.00602
scoring_system	epss
scoring_elements	0.6955
published_at	2026-04-21T12:55:00Z

value	0.00602
scoring_system	epss
scoring_elements	0.69534
published_at	2026-04-12T12:55:00Z

value	0.00602
scoring_system	epss
scoring_elements	0.6952
published_at	2026-04-13T12:55:00Z

value	0.00602
scoring_system	epss
scoring_elements	0.6956
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24783

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24783

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2268019
reference_id	2268019
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2268019

reference_url

https://go.dev/cl/569339

reference_id

569339

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T18:26:26Z/

url

https://go.dev/cl/569339

reference_url

https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg

reference_id

5pwGVUPoMbg

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T18:26:26Z/

url

https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg

reference_url

https://go.dev/issue/65390

reference_id

65390

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T18:26:26Z/

url

https://go.dev/issue/65390

reference_url	https://security.gentoo.org/glsa/202408-07
reference_id	GLSA-202408-07
reference_type
scores
url	https://security.gentoo.org/glsa/202408-07

reference_url

https://pkg.go.dev/vuln/GO-2024-2598

reference_id

GO-2024-2598

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T18:26:26Z/

url

https://pkg.go.dev/vuln/GO-2024-2598

reference_url

https://security.netapp.com/advisory/ntap-20240329-0005/

reference_id

ntap-20240329-0005

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T18:26:26Z/

url

https://security.netapp.com/advisory/ntap-20240329-0005/

reference_url	https://access.redhat.com/errata/RHSA-2024:1616
reference_id	RHSA-2024:1616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1616

reference_url	https://access.redhat.com/errata/RHSA-2024:2096
reference_id	RHSA-2024:2096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2096

reference_url	https://access.redhat.com/errata/RHSA-2024:2724
reference_id	RHSA-2024:2724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2724

reference_url	https://access.redhat.com/errata/RHSA-2024:2901
reference_id	RHSA-2024:2901
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2901

reference_url	https://access.redhat.com/errata/RHSA-2024:2941
reference_id	RHSA-2024:2941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2941

reference_url	https://access.redhat.com/errata/RHSA-2024:3259
reference_id	RHSA-2024:3259
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3259

reference_url	https://access.redhat.com/errata/RHSA-2024:3346
reference_id	RHSA-2024:3346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3346

reference_url	https://access.redhat.com/errata/RHSA-2024:3617
reference_id	RHSA-2024:3617
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3617

reference_url	https://access.redhat.com/errata/RHSA-2024:3621
reference_id	RHSA-2024:3621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3621

reference_url	https://access.redhat.com/errata/RHSA-2024:3637
reference_id	RHSA-2024:3637
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3637

reference_url	https://access.redhat.com/errata/RHSA-2024:3781
reference_id	RHSA-2024:3781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3781

reference_url	https://access.redhat.com/errata/RHSA-2024:3790
reference_id	RHSA-2024:3790
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3790

reference_url	https://access.redhat.com/errata/RHSA-2024:3868
reference_id	RHSA-2024:3868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3868

reference_url	https://access.redhat.com/errata/RHSA-2024:4023
reference_id	RHSA-2024:4023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4023

reference_url	https://access.redhat.com/errata/RHSA-2024:4034
reference_id	RHSA-2024:4034
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4034

reference_url	https://access.redhat.com/errata/RHSA-2024:4125
reference_id	RHSA-2024:4125
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4125

reference_url	https://access.redhat.com/errata/RHSA-2024:4520
reference_id	RHSA-2024:4520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4520

reference_url	https://access.redhat.com/errata/RHSA-2024:4893
reference_id	RHSA-2024:4893
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4893

reference_url	https://access.redhat.com/errata/RHSA-2024:5013
reference_id	RHSA-2024:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5013

reference_url	https://access.redhat.com/errata/RHSA-2024:6186
reference_id	RHSA-2024:6186
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6186

reference_url	https://access.redhat.com/errata/RHSA-2024:6187
reference_id	RHSA-2024:6187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6187

reference_url	https://access.redhat.com/errata/RHSA-2024:6188
reference_id	RHSA-2024:6188
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6188

reference_url	https://access.redhat.com/errata/RHSA-2024:6189
reference_id	RHSA-2024:6189
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6189

reference_url	https://access.redhat.com/errata/RHSA-2024:6194
reference_id	RHSA-2024:6194
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6194

reference_url	https://access.redhat.com/errata/RHSA-2024:6195
reference_id	RHSA-2024:6195
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6195

reference_url	https://access.redhat.com/errata/RHSA-2024:6221
reference_id	RHSA-2024:6221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6221

reference_url	https://access.redhat.com/errata/RHSA-2024:6969
reference_id	RHSA-2024:6969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6969

reference_url	https://access.redhat.com/errata/RHSA-2024:9485
reference_id	RHSA-2024:9485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9485

reference_url	https://access.redhat.com/errata/RHSA-2025:0536
reference_id	RHSA-2025:0536
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0536

reference_url	https://access.redhat.com/errata/RHSA-2025:9776
reference_id	RHSA-2025:9776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9776

reference_url	https://usn.ubuntu.com/6886-1/
reference_id	USN-6886-1
reference_type
scores
url	https://usn.ubuntu.com/6886-1/

reference_url	https://usn.ubuntu.com/7109-1/
reference_id	USN-7109-1
reference_type
scores
url	https://usn.ubuntu.com/7109-1/

reference_url	https://usn.ubuntu.com/7111-1/
reference_id	USN-7111-1
reference_type
scores
url	https://usn.ubuntu.com/7111-1/

fixed_packages

aliases

CVE-2024-24783

risk_score

2.6

exploitability

0.5

weighted_severity

5.3

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-4psv-cefc-7kad

url

VCID-52c5-4udv-jydb

vulnerability_id

VCID-52c5-4udv-jydb

summary

github.com/containers/image allows unexpected authenticated registry accesses
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.

references

reference_url

https://access.redhat.com/errata/RHSA-2024:0045

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:0045

reference_url

https://access.redhat.com/errata/RHSA-2024:3718

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:3718

reference_url

https://access.redhat.com/errata/RHSA-2024:4159

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:4159

reference_url

https://access.redhat.com/errata/RHSA-2024:4613

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:4613

reference_url

https://access.redhat.com/errata/RHSA-2024:4850

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:4850

reference_url

https://access.redhat.com/errata/RHSA-2024:4960

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:4960

reference_url

https://access.redhat.com/errata/RHSA-2024:5258

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:5258

reference_url

https://access.redhat.com/errata/RHSA-2024:5951

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:5951

reference_url

https://access.redhat.com/errata/RHSA-2024:6054

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:6054

reference_url

https://access.redhat.com/errata/RHSA-2024:6122

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:6122

reference_url

https://access.redhat.com/errata/RHSA-2024:6708

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:6708

reference_url

https://access.redhat.com/errata/RHSA-2024:6818

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:6818

reference_url

https://access.redhat.com/errata/RHSA-2024:6824

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:6824

reference_url

https://access.redhat.com/errata/RHSA-2024:7164

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7164

reference_url

https://access.redhat.com/errata/RHSA-2024:7174

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7174

reference_url

https://access.redhat.com/errata/RHSA-2024:7182

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7182

reference_url

https://access.redhat.com/errata/RHSA-2024:7187

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7187

reference_url

https://access.redhat.com/errata/RHSA-2024:7922

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7922

reference_url

https://access.redhat.com/errata/RHSA-2024:7941

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7941

reference_url

https://access.redhat.com/errata/RHSA-2024:8260

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:8260

reference_url

https://access.redhat.com/errata/RHSA-2024:8425

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:8425

reference_url

https://access.redhat.com/errata/RHSA-2024:9097

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:9097

reference_url

https://access.redhat.com/errata/RHSA-2024:9098

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:9098

reference_url

https://access.redhat.com/errata/RHSA-2024:9102

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:9102

reference_url

https://access.redhat.com/errata/RHSA-2024:9960

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:9960

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3727.json

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3727.json

reference_url

https://access.redhat.com/security/cve/CVE-2024-3727

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/security/cve/CVE-2024-3727

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3727

reference_id

reference_type

scores

value	0.00488
scoring_system	epss
scoring_elements	0.65523
published_at	2026-04-21T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68289
published_at	2026-04-18T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68285
published_at	2026-04-11T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68272
published_at	2026-04-12T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68238
published_at	2026-04-13T12:55:00Z

value	0.00559
scoring_system	epss
scoring_elements	0.68278
published_at	2026-04-16T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68745
published_at	2026-04-08T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68693
published_at	2026-04-07T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68715
published_at	2026-04-04T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68697
published_at	2026-04-02T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68764
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3727

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2274767

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2274767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3727
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3727

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/advisories/GHSA-6wvf-f2vw-3425

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-6wvf-f2vw-3425

reference_url

https://github.com/containers/image

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/containers/image

reference_url

https://github.com/containers/image/commit/132678b47bae29c710589012668cb85859d88385

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/containers/image/commit/132678b47bae29c710589012668cb85859d88385

reference_url

https://github.com/containers/image/commit/e8948046055060605bd68289d406ce149590c33a

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/containers/image/commit/e8948046055060605bd68289d406ce149590c33a

reference_url

https://github.com/containers/image/releases/tag/v5.29.3

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/containers/image/releases/tag/v5.29.3

reference_url

https://github.com/containers/image/releases/tag/v5.30.1

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/containers/image/releases/tag/v5.30.1

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HEYS34N55G7NOQZKNEXZKQVNDGEICCD

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HEYS34N55G7NOQZKNEXZKQVNDGEICCD

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6B37TXOKTKDBE2V26X2NSP7JKNMZOFVP

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6B37TXOKTKDBE2V26X2NSP7JKNMZOFVP

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CYT3D2P3OJKISNFKOOHGY6HCUCQZYAVR

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CYT3D2P3OJKISNFKOOHGY6HCUCQZYAVR

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLND3YDQQRWVRIUPL2G5UKXP5L3VSBBT

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLND3YDQQRWVRIUPL2G5UKXP5L3VSBBT

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTOMYERG5ND4QFDHC4ZSGCED3T3ESRSC

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTOMYERG5ND4QFDHC4ZSGCED3T3ESRSC

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FBZQ2ZRMFEUQ35235B2HWPSXGDCBZHFV

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FBZQ2ZRMFEUQ35235B2HWPSXGDCBZHFV

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QFXMF3VVKIZN7ZMB7PKZCSWV6MOMTGMQ

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QFXMF3VVKIZN7ZMB7PKZCSWV6MOMTGMQ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFVSMR7TNLO2KPWJSW4CF64C2QMQXCIN

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFVSMR7TNLO2KPWJSW4CF64C2QMQXCIN

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-3727

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-3727

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070858
reference_id	1070858
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070858

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:acm:2
reference_id	cpe:/a:redhat:acm:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:acm:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:3
reference_id	cpe:/a:redhat:advanced_cluster_security:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.4::el8
reference_id	cpe:/a:redhat:advanced_cluster_security:4.4::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.4::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.5::el8
reference_id	cpe:/a:redhat:advanced_cluster_security:4.5::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.5::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform
reference_id	cpe:/a:redhat:ansible_automation_platform
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2
reference_id	cpe:/a:redhat:ansible_automation_platform:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:assisted_installer:1
reference_id	cpe:/a:redhat:assisted_installer:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:assisted_installer:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4
reference_id	cpe:/a:redhat:container_native_virtualization:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4.15::el9
reference_id	cpe:/a:redhat:container_native_virtualization:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:multicluster_engine
reference_id	cpe:/a:redhat:multicluster_engine
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:multicluster_engine

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ocp_tools
reference_id	cpe:/a:redhat:ocp_tools
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ocp_tools

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11
reference_id	cpe:/a:redhat:openshift:3.11
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
reference_id	cpe:/a:redhat:openshift:4.13::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
reference_id	cpe:/a:redhat:openshift:4.14::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id	cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
reference_id	cpe:/a:redhat:openshift:4.15::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id	cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el8
reference_id	cpe:/a:redhat:openshift:4.16::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id	cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
reference_id	cpe:/a:redhat:openshift:4.17::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
reference_id	cpe:/a:redhat:openshift:4.18::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_api_data_protection:1.3::el9
reference_id	cpe:/a:redhat:openshift_api_data_protection:1.3::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_api_data_protection:1.3::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_devspaces:3
reference_id	cpe:/a:redhat:openshift_devspaces:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_devspaces:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.13::el9
reference_id	cpe:/a:redhat:openshift_ironic:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.14::el9
reference_id	cpe:/a:redhat:openshift_ironic:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.15::el9
reference_id	cpe:/a:redhat:openshift_ironic:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.16::el9
reference_id	cpe:/a:redhat:openshift_ironic:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_sandboxed_containers:1
reference_id	cpe:/a:redhat:openshift_sandboxed_containers:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_sandboxed_containers:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2
reference_id	cpe:/a:redhat:openstack:16.2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quay:3
reference_id	cpe:/a:redhat:quay:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quay:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhmt:1.8::el8
reference_id	cpe:/a:redhat:rhmt:1.8::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhmt:1.8::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1
reference_id	cpe:/a:redhat:serverless:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:source_to_image:1
reference_id	cpe:/a:redhat:source_to_image:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:source_to_image:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

fixed_packages

aliases

CVE-2024-3727, GHSA-6wvf-f2vw-3425

risk_score

4.0

exploitability

0.5

weighted_severity

8.0

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-52c5-4udv-jydb

url

VCID-86md-jx8m-1kck

vulnerability_id

VCID-86md-jx8m-1kck

summary

Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24784.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24784.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24784

reference_id

reference_type

scores

value	0.02017
scoring_system	epss
scoring_elements	0.83779
published_at	2026-04-21T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83691
published_at	2026-04-02T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83706
published_at	2026-04-04T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83708
published_at	2026-04-07T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83732
published_at	2026-04-08T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83738
published_at	2026-04-09T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83755
published_at	2026-04-11T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83748
published_at	2026-04-12T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83744
published_at	2026-04-13T12:55:00Z

value	0.02017
scoring_system	epss
scoring_elements	0.83778
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24784

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2268021
reference_id	2268021
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2268021

reference_url

https://go.dev/cl/555596

reference_id

555596

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-05T20:13:24Z/

url

https://go.dev/cl/555596

reference_url

https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg

reference_id

5pwGVUPoMbg

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-05T20:13:24Z/

url

https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg

reference_url

https://go.dev/issue/65083

reference_id

65083

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-05T20:13:24Z/

url

https://go.dev/issue/65083

reference_url	https://security.gentoo.org/glsa/202408-07
reference_id	GLSA-202408-07
reference_type
scores
url	https://security.gentoo.org/glsa/202408-07

reference_url

https://pkg.go.dev/vuln/GO-2024-2609

reference_id

GO-2024-2609

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-05T20:13:24Z/

url

https://pkg.go.dev/vuln/GO-2024-2609

reference_url

https://security.netapp.com/advisory/ntap-20240329-0007/

reference_id

ntap-20240329-0007

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-05T20:13:24Z/

url

https://security.netapp.com/advisory/ntap-20240329-0007/

reference_url	https://access.redhat.com/errata/RHSA-2024:1616
reference_id	RHSA-2024:1616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1616

reference_url	https://access.redhat.com/errata/RHSA-2024:2941
reference_id	RHSA-2024:2941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2941

reference_url	https://access.redhat.com/errata/RHSA-2024:3259
reference_id	RHSA-2024:3259
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3259

reference_url	https://access.redhat.com/errata/RHSA-2024:3617
reference_id	RHSA-2024:3617
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3617

reference_url	https://access.redhat.com/errata/RHSA-2024:3621
reference_id	RHSA-2024:3621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3621

reference_url	https://access.redhat.com/errata/RHSA-2024:3637
reference_id	RHSA-2024:3637
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3637

reference_url	https://access.redhat.com/errata/RHSA-2024:3790
reference_id	RHSA-2024:3790
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3790

reference_url	https://access.redhat.com/errata/RHSA-2024:4023
reference_id	RHSA-2024:4023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4023

reference_url	https://access.redhat.com/errata/RHSA-2024:4520
reference_id	RHSA-2024:4520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4520

reference_url	https://access.redhat.com/errata/RHSA-2024:6969
reference_id	RHSA-2024:6969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6969

reference_url	https://access.redhat.com/errata/RHSA-2024:9485
reference_id	RHSA-2024:9485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9485

reference_url	https://access.redhat.com/errata/RHSA-2025:9776
reference_id	RHSA-2025:9776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9776

reference_url	https://usn.ubuntu.com/6886-1/
reference_id	USN-6886-1
reference_type
scores
url	https://usn.ubuntu.com/6886-1/

reference_url	https://usn.ubuntu.com/7109-1/
reference_id	USN-7109-1
reference_type
scores
url	https://usn.ubuntu.com/7109-1/

reference_url	https://usn.ubuntu.com/7111-1/
reference_id	USN-7111-1
reference_type
scores
url	https://usn.ubuntu.com/7111-1/

fixed_packages

aliases

CVE-2024-24784

risk_score

3.4

exploitability

0.5

weighted_severity

6.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-86md-jx8m-1kck

url

VCID-f8ak-21d8-juff

vulnerability_id

VCID-f8ak-21d8-juff

summary

Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24786.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24786.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24786

reference_id

reference_type

scores

value	0.00313
scoring_system	epss
scoring_elements	0.54531
published_at	2026-04-18T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.54528
published_at	2026-04-16T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.5449
published_at	2026-04-13T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.54511
published_at	2026-04-12T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.54529
published_at	2026-04-11T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.54517
published_at	2026-04-09T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.54523
published_at	2026-04-08T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.55266
published_at	2026-04-02T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.5527
published_at	2026-04-07T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.55289
published_at	2026-04-04T12:55:00Z

value	0.00393
scoring_system	epss
scoring_elements	0.60287
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/protocolbuffers/protobuf-go

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf-go

reference_url

https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023

reference_url

https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0

reference_url

https://go.dev/cl/569356

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://go.dev/cl/569356

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-24786

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-24786

reference_url

https://pkg.go.dev/vuln/GO-2024-2611

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://pkg.go.dev/vuln/GO-2024-2611

reference_url

https://security.netapp.com/advisory/ntap-20240517-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240517-0002

reference_url

http://www.openwall.com/lists/oss-security/2024/03/08/4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

http://www.openwall.com/lists/oss-security/2024/03/08/4

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065684
reference_id	1065684
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065684

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2268046
reference_id	2268046
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2268046

reference_url	https://security.gentoo.org/glsa/202407-12
reference_id	GLSA-202407-12
reference_type
scores
url	https://security.gentoo.org/glsa/202407-12

reference_url	https://security.gentoo.org/glsa/202407-25
reference_id	GLSA-202407-25
reference_type
scores
url	https://security.gentoo.org/glsa/202407-25

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/

reference_id

JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/

reference_url

https://security.netapp.com/advisory/ntap-20240517-0002/

reference_id

ntap-20240517-0002

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://security.netapp.com/advisory/ntap-20240517-0002/

reference_url	https://access.redhat.com/errata/RHSA-2024:0040
reference_id	RHSA-2024:0040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0040

reference_url	https://access.redhat.com/errata/RHSA-2024:0043
reference_id	RHSA-2024:0043
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0043

reference_url	https://access.redhat.com/errata/RHSA-2024:10852
reference_id	RHSA-2024:10852
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10852

reference_url	https://access.redhat.com/errata/RHSA-2024:1362
reference_id	RHSA-2024:1362
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1362

reference_url	https://access.redhat.com/errata/RHSA-2024:1363
reference_id	RHSA-2024:1363
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1363

reference_url	https://access.redhat.com/errata/RHSA-2024:1456
reference_id	RHSA-2024:1456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1456

reference_url	https://access.redhat.com/errata/RHSA-2024:1461
reference_id	RHSA-2024:1461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1461

reference_url	https://access.redhat.com/errata/RHSA-2024:1474
reference_id	RHSA-2024:1474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1474

reference_url	https://access.redhat.com/errata/RHSA-2024:1507
reference_id	RHSA-2024:1507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1507

reference_url	https://access.redhat.com/errata/RHSA-2024:1508
reference_id	RHSA-2024:1508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1508

reference_url	https://access.redhat.com/errata/RHSA-2024:1537
reference_id	RHSA-2024:1537
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1537

reference_url	https://access.redhat.com/errata/RHSA-2024:1538
reference_id	RHSA-2024:1538
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1538

reference_url	https://access.redhat.com/errata/RHSA-2024:1616
reference_id	RHSA-2024:1616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1616

reference_url	https://access.redhat.com/errata/RHSA-2024:1765
reference_id	RHSA-2024:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1765

reference_url	https://access.redhat.com/errata/RHSA-2024:1795
reference_id	RHSA-2024:1795
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1795

reference_url	https://access.redhat.com/errata/RHSA-2024:1859
reference_id	RHSA-2024:1859
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1859

reference_url	https://access.redhat.com/errata/RHSA-2024:1874
reference_id	RHSA-2024:1874
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1874

reference_url	https://access.redhat.com/errata/RHSA-2024:1925
reference_id	RHSA-2024:1925
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1925

reference_url	https://access.redhat.com/errata/RHSA-2024:1946
reference_id	RHSA-2024:1946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1946

reference_url	https://access.redhat.com/errata/RHSA-2024:2096
reference_id	RHSA-2024:2096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2096

reference_url	https://access.redhat.com/errata/RHSA-2024:2549
reference_id	RHSA-2024:2549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2549

reference_url	https://access.redhat.com/errata/RHSA-2024:2550
reference_id	RHSA-2024:2550
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2550

reference_url	https://access.redhat.com/errata/RHSA-2024:2639
reference_id	RHSA-2024:2639
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2639

reference_url	https://access.redhat.com/errata/RHSA-2024:2666
reference_id	RHSA-2024:2666
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2666

reference_url	https://access.redhat.com/errata/RHSA-2024:2773
reference_id	RHSA-2024:2773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2773

reference_url	https://access.redhat.com/errata/RHSA-2024:2781
reference_id	RHSA-2024:2781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2781

reference_url	https://access.redhat.com/errata/RHSA-2024:2874
reference_id	RHSA-2024:2874
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2874

reference_url	https://access.redhat.com/errata/RHSA-2024:2901
reference_id	RHSA-2024:2901
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2901

reference_url	https://access.redhat.com/errata/RHSA-2024:3316
reference_id	RHSA-2024:3316
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3316

reference_url	https://access.redhat.com/errata/RHSA-2024:3617
reference_id	RHSA-2024:3617
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3617

reference_url	https://access.redhat.com/errata/RHSA-2024:3621
reference_id	RHSA-2024:3621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3621

reference_url	https://access.redhat.com/errata/RHSA-2024:3634
reference_id	RHSA-2024:3634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3634

reference_url	https://access.redhat.com/errata/RHSA-2024:3635
reference_id	RHSA-2024:3635
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3635

reference_url	https://access.redhat.com/errata/RHSA-2024:3636
reference_id	RHSA-2024:3636
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3636

reference_url	https://access.redhat.com/errata/RHSA-2024:3637
reference_id	RHSA-2024:3637
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3637

reference_url	https://access.redhat.com/errata/RHSA-2024:3683
reference_id	RHSA-2024:3683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3683

reference_url	https://access.redhat.com/errata/RHSA-2024:3715
reference_id	RHSA-2024:3715
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3715

reference_url	https://access.redhat.com/errata/RHSA-2024:3717
reference_id	RHSA-2024:3717
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3717

reference_url	https://access.redhat.com/errata/RHSA-2024:3868
reference_id	RHSA-2024:3868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3868

reference_url	https://access.redhat.com/errata/RHSA-2024:4150
reference_id	RHSA-2024:4150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4150

reference_url	https://access.redhat.com/errata/RHSA-2024:4163
reference_id	RHSA-2024:4163
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4163

reference_url	https://access.redhat.com/errata/RHSA-2024:4246
reference_id	RHSA-2024:4246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4246

reference_url	https://access.redhat.com/errata/RHSA-2024:4455
reference_id	RHSA-2024:4455
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4455

reference_url	https://access.redhat.com/errata/RHSA-2024:4597
reference_id	RHSA-2024:4597
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4597

reference_url	https://access.redhat.com/errata/RHSA-2024:4626
reference_id	RHSA-2024:4626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4626

reference_url	https://access.redhat.com/errata/RHSA-2024:5013
reference_id	RHSA-2024:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5013

reference_url	https://access.redhat.com/errata/RHSA-2024:5054
reference_id	RHSA-2024:5054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5054

reference_url	https://access.redhat.com/errata/RHSA-2024:5422
reference_id	RHSA-2024:5422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5422

reference_url	https://access.redhat.com/errata/RHSA-2024:6004
reference_id	RHSA-2024:6004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6004

reference_url	https://access.redhat.com/errata/RHSA-2024:6221
reference_id	RHSA-2024:6221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6221

reference_url	https://access.redhat.com/errata/RHSA-2024:6409
reference_id	RHSA-2024:6409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6409

reference_url	https://access.redhat.com/errata/RHSA-2024:7184
reference_id	RHSA-2024:7184
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7184

reference_url	https://access.redhat.com/errata/RHSA-2024:7548
reference_id	RHSA-2024:7548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7548

reference_url	https://access.redhat.com/errata/RHSA-2024:8040
reference_id	RHSA-2024:8040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8040

reference_url	https://access.redhat.com/errata/RHSA-2024:8434
reference_id	RHSA-2024:8434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8434

reference_url	https://access.redhat.com/errata/RHSA-2024:8676
reference_id	RHSA-2024:8676
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8676

reference_url	https://access.redhat.com/errata/RHSA-2024:8677
reference_id	RHSA-2024:8677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8677

reference_url	https://access.redhat.com/errata/RHSA-2024:8704
reference_id	RHSA-2024:8704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8704

reference_url	https://access.redhat.com/errata/RHSA-2024:9615
reference_id	RHSA-2024:9615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9615

reference_url	https://access.redhat.com/errata/RHSA-2025:0654
reference_id	RHSA-2025:0654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0654

reference_url	https://access.redhat.com/errata/RHSA-2025:0664
reference_id	RHSA-2025:0664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0664

reference_url	https://access.redhat.com/errata/RHSA-2025:4204
reference_id	RHSA-2025:4204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4204

reference_url	https://access.redhat.com/errata/RHSA-2025:9776
reference_id	RHSA-2025:9776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9776

reference_url	https://usn.ubuntu.com/6746-1/
reference_id	USN-6746-1
reference_type
scores
url	https://usn.ubuntu.com/6746-1/

reference_url	https://usn.ubuntu.com/6746-2/
reference_id	USN-6746-2
reference_type
scores
url	https://usn.ubuntu.com/6746-2/

fixed_packages

aliases

CVE-2024-24786, GHSA-8r3f-844c-mc37

risk_score

3.4

exploitability

0.5

weighted_severity

6.8

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-f8ak-21d8-juff

url

VCID-h93z-zvkv-cyed

vulnerability_id

VCID-h93z-zvkv-cyed

summary

Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24785.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24785.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24785

reference_id

reference_type

scores

value	0.01065
scoring_system	epss
scoring_elements	0.77712
published_at	2026-04-21T12:55:00Z

value	0.01065
scoring_system	epss
scoring_elements	0.77719
published_at	2026-04-18T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79295
published_at	2026-04-02T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79365
published_at	2026-04-16T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79337
published_at	2026-04-13T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79349
published_at	2026-04-12T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79364
published_at	2026-04-11T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.7934
published_at	2026-04-09T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79331
published_at	2026-04-08T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79305
published_at	2026-04-07T12:55:00Z

value	0.01251
scoring_system	epss
scoring_elements	0.79319
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24785

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24785

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2268022
reference_id	2268022
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2268022

reference_url

https://go.dev/cl/564196

reference_id

564196

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T18:49:44Z/

url

https://go.dev/cl/564196

reference_url

https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg

reference_id

5pwGVUPoMbg

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T18:49:44Z/

url

https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg

reference_url

https://go.dev/issue/65697

reference_id

65697

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T18:49:44Z/

url

https://go.dev/issue/65697

reference_url	https://security.gentoo.org/glsa/202408-07
reference_id	GLSA-202408-07
reference_type
scores
url	https://security.gentoo.org/glsa/202408-07

reference_url

https://pkg.go.dev/vuln/GO-2024-2610

reference_id

GO-2024-2610

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T18:49:44Z/

url

https://pkg.go.dev/vuln/GO-2024-2610

reference_url

https://security.netapp.com/advisory/ntap-20240329-0008/

reference_id

ntap-20240329-0008

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T18:49:44Z/

url

https://security.netapp.com/advisory/ntap-20240329-0008/

reference_url	https://access.redhat.com/errata/RHSA-2024:1616
reference_id	RHSA-2024:1616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1616

reference_url	https://access.redhat.com/errata/RHSA-2024:2096
reference_id	RHSA-2024:2096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2096

reference_url	https://access.redhat.com/errata/RHSA-2024:2901
reference_id	RHSA-2024:2901
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2901

reference_url	https://access.redhat.com/errata/RHSA-2024:3259
reference_id	RHSA-2024:3259
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3259

reference_url	https://access.redhat.com/errata/RHSA-2024:3617
reference_id	RHSA-2024:3617
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3617

reference_url	https://access.redhat.com/errata/RHSA-2024:3621
reference_id	RHSA-2024:3621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3621

reference_url	https://access.redhat.com/errata/RHSA-2024:3637
reference_id	RHSA-2024:3637
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3637

reference_url	https://access.redhat.com/errata/RHSA-2024:3790
reference_id	RHSA-2024:3790
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3790

reference_url	https://access.redhat.com/errata/RHSA-2024:3868
reference_id	RHSA-2024:3868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3868

reference_url	https://access.redhat.com/errata/RHSA-2024:4023
reference_id	RHSA-2024:4023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4023

reference_url	https://access.redhat.com/errata/RHSA-2024:4520
reference_id	RHSA-2024:4520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4520

reference_url	https://access.redhat.com/errata/RHSA-2024:4893
reference_id	RHSA-2024:4893
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4893

reference_url	https://access.redhat.com/errata/RHSA-2024:5013
reference_id	RHSA-2024:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5013

reference_url	https://access.redhat.com/errata/RHSA-2024:6221
reference_id	RHSA-2024:6221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6221

reference_url	https://access.redhat.com/errata/RHSA-2024:9135
reference_id	RHSA-2024:9135
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9135

reference_url	https://access.redhat.com/errata/RHSA-2024:9485
reference_id	RHSA-2024:9485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9485

reference_url	https://access.redhat.com/errata/RHSA-2025:9776
reference_id	RHSA-2025:9776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9776

reference_url	https://access.redhat.com/errata/RHSA-2026:3428
reference_id	RHSA-2026:3428
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3428

reference_url	https://usn.ubuntu.com/6886-1/
reference_id	USN-6886-1
reference_type
scores
url	https://usn.ubuntu.com/6886-1/

reference_url	https://usn.ubuntu.com/7061-1/
reference_id	USN-7061-1
reference_type
scores
url	https://usn.ubuntu.com/7061-1/

reference_url	https://usn.ubuntu.com/7109-1/
reference_id	USN-7109-1
reference_type
scores
url	https://usn.ubuntu.com/7109-1/

fixed_packages

aliases

CVE-2024-24785

risk_score

3.0

exploitability

0.5

weighted_severity

5.9

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-h93z-zvkv-cyed

url

VCID-wq29-hzz2-5beh

vulnerability_id

VCID-wq29-hzz2-5beh

summary

Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45290.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-45290.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-45290

reference_id

reference_type

scores

value	0.00491
scoring_system	epss
scoring_elements	0.65559
published_at	2026-04-02T12:55:00Z

value	0.00491
scoring_system	epss
scoring_elements	0.65626
published_at	2026-04-21T12:55:00Z

value	0.00491
scoring_system	epss
scoring_elements	0.65588
published_at	2026-04-04T12:55:00Z

value	0.00491
scoring_system	epss
scoring_elements	0.65555
published_at	2026-04-07T12:55:00Z

value	0.00491
scoring_system	epss
scoring_elements	0.65607
published_at	2026-04-08T12:55:00Z

value	0.00491
scoring_system	epss
scoring_elements	0.6562
published_at	2026-04-09T12:55:00Z

value	0.00491
scoring_system	epss
scoring_elements	0.65639
published_at	2026-04-11T12:55:00Z

value	0.00491
scoring_system	epss
scoring_elements	0.65624
published_at	2026-04-12T12:55:00Z

value	0.00491
scoring_system	epss
scoring_elements	0.65595
published_at	2026-04-13T12:55:00Z

value	0.00491
scoring_system	epss
scoring_elements	0.6563
published_at	2026-04-16T12:55:00Z

value	0.00491
scoring_system	epss
scoring_elements	0.65643
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-45290

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45290

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2268017
reference_id	2268017
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2268017

reference_url

https://go.dev/cl/569341

reference_id

569341

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T15:04:15Z/

url

https://go.dev/cl/569341

reference_url

https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg

reference_id

5pwGVUPoMbg

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T15:04:15Z/

url

https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg

reference_url

https://go.dev/issue/65383

reference_id

65383

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T15:04:15Z/

url

https://go.dev/issue/65383

reference_url	https://security.gentoo.org/glsa/202408-07
reference_id	GLSA-202408-07
reference_type
scores
url	https://security.gentoo.org/glsa/202408-07

reference_url

https://pkg.go.dev/vuln/GO-2024-2599

reference_id

GO-2024-2599

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T15:04:15Z/

url

https://pkg.go.dev/vuln/GO-2024-2599

reference_url

https://security.netapp.com/advisory/ntap-20240329-0004/

reference_id

ntap-20240329-0004

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-06T15:04:15Z/

url

https://security.netapp.com/advisory/ntap-20240329-0004/

reference_url	https://access.redhat.com/errata/RHSA-2024:1616
reference_id	RHSA-2024:1616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1616

reference_url	https://access.redhat.com/errata/RHSA-2024:2096
reference_id	RHSA-2024:2096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2096

reference_url	https://access.redhat.com/errata/RHSA-2024:2724
reference_id	RHSA-2024:2724
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2724

reference_url	https://access.redhat.com/errata/RHSA-2024:2901
reference_id	RHSA-2024:2901
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2901

reference_url	https://access.redhat.com/errata/RHSA-2024:2941
reference_id	RHSA-2024:2941
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2941

reference_url	https://access.redhat.com/errata/RHSA-2024:3259
reference_id	RHSA-2024:3259
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3259

reference_url	https://access.redhat.com/errata/RHSA-2024:3346
reference_id	RHSA-2024:3346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3346

reference_url	https://access.redhat.com/errata/RHSA-2024:3617
reference_id	RHSA-2024:3617
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3617

reference_url	https://access.redhat.com/errata/RHSA-2024:3621
reference_id	RHSA-2024:3621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3621

reference_url	https://access.redhat.com/errata/RHSA-2024:3637
reference_id	RHSA-2024:3637
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3637

reference_url	https://access.redhat.com/errata/RHSA-2024:3781
reference_id	RHSA-2024:3781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3781

reference_url	https://access.redhat.com/errata/RHSA-2024:3790
reference_id	RHSA-2024:3790
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3790

reference_url	https://access.redhat.com/errata/RHSA-2024:3826
reference_id	RHSA-2024:3826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3826

reference_url	https://access.redhat.com/errata/RHSA-2024:3827
reference_id	RHSA-2024:3827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3827

reference_url	https://access.redhat.com/errata/RHSA-2024:3830
reference_id	RHSA-2024:3830
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3830

reference_url	https://access.redhat.com/errata/RHSA-2024:3831
reference_id	RHSA-2024:3831
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3831

reference_url	https://access.redhat.com/errata/RHSA-2024:3868
reference_id	RHSA-2024:3868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3868

reference_url	https://access.redhat.com/errata/RHSA-2024:4023
reference_id	RHSA-2024:4023
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4023

reference_url	https://access.redhat.com/errata/RHSA-2024:4520
reference_id	RHSA-2024:4520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4520

reference_url	https://access.redhat.com/errata/RHSA-2024:4893
reference_id	RHSA-2024:4893
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4893

reference_url	https://access.redhat.com/errata/RHSA-2024:5013
reference_id	RHSA-2024:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5013

reference_url	https://access.redhat.com/errata/RHSA-2024:5075
reference_id	RHSA-2024:5075
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5075

reference_url	https://access.redhat.com/errata/RHSA-2024:5077
reference_id	RHSA-2024:5077
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5077

reference_url	https://access.redhat.com/errata/RHSA-2024:5202
reference_id	RHSA-2024:5202
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5202

reference_url	https://access.redhat.com/errata/RHSA-2024:5433
reference_id	RHSA-2024:5433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5433

reference_url	https://access.redhat.com/errata/RHSA-2024:5436
reference_id	RHSA-2024:5436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5436

reference_url	https://access.redhat.com/errata/RHSA-2024:5439
reference_id	RHSA-2024:5439
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5439

reference_url	https://access.redhat.com/errata/RHSA-2024:5442
reference_id	RHSA-2024:5442
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5442

reference_url	https://access.redhat.com/errata/RHSA-2024:5444
reference_id	RHSA-2024:5444
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5444

reference_url	https://access.redhat.com/errata/RHSA-2024:5446
reference_id	RHSA-2024:5446
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5446

reference_url	https://access.redhat.com/errata/RHSA-2024:5808
reference_id	RHSA-2024:5808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5808

reference_url	https://access.redhat.com/errata/RHSA-2024:5810
reference_id	RHSA-2024:5810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5810

reference_url	https://access.redhat.com/errata/RHSA-2024:6221
reference_id	RHSA-2024:6221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6221

reference_url	https://access.redhat.com/errata/RHSA-2024:6969
reference_id	RHSA-2024:6969
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6969

reference_url	https://access.redhat.com/errata/RHSA-2024:7548
reference_id	RHSA-2024:7548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7548

reference_url	https://access.redhat.com/errata/RHSA-2024:8038
reference_id	RHSA-2024:8038
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8038

reference_url	https://access.redhat.com/errata/RHSA-2024:9135
reference_id	RHSA-2024:9135
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9135

reference_url	https://access.redhat.com/errata/RHSA-2024:9485
reference_id	RHSA-2024:9485
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9485

reference_url	https://access.redhat.com/errata/RHSA-2025:11889
reference_id	RHSA-2025:11889
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11889

reference_url	https://access.redhat.com/errata/RHSA-2025:9776
reference_id	RHSA-2025:9776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9776

reference_url	https://usn.ubuntu.com/6886-1/
reference_id	USN-6886-1
reference_type
scores
url	https://usn.ubuntu.com/6886-1/

reference_url	https://usn.ubuntu.com/7109-1/
reference_id	USN-7109-1
reference_type
scores
url	https://usn.ubuntu.com/7109-1/

reference_url	https://usn.ubuntu.com/7111-1/
reference_id	USN-7111-1
reference_type
scores
url	https://usn.ubuntu.com/7111-1/

fixed_packages

aliases

CVE-2023-45290

risk_score

3.0

exploitability

0.5

weighted_severity

5.9

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-wq29-hzz2-5beh

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@4:4.9.4-5.1.rhaos4.16%3Farch=el8

Package Instance