Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/buildah@1:1.27.0-2?arch=el9
Typerpm
Namespaceredhat
Namebuildah
Version1:1.27.0-2
Qualifiers
arch el9
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1n1h-e2p4-9yhs
vulnerability_id VCID-1n1h-e2p4-9yhs
summary 
golang.org/x/crypto/ssh Denial of service via crafted Signer
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27191.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27191.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-27191
reference_id
reference_type
scores
0
value 0.00089
scoring_system epss
scoring_elements 0.25199
published_at 2026-04-26T12:55:00Z
1
value 0.00089
scoring_system epss
scoring_elements 0.25479
published_at 2026-04-04T12:55:00Z
2
value 0.00089
scoring_system epss
scoring_elements 0.25318
published_at 2026-04-08T12:55:00Z
3
value 0.00089
scoring_system epss
scoring_elements 0.2525
published_at 2026-04-07T12:55:00Z
4
value 0.00089
scoring_system epss
scoring_elements 0.25443
published_at 2026-04-02T12:55:00Z
5
value 0.00089
scoring_system epss
scoring_elements 0.25209
published_at 2026-04-24T12:55:00Z
6
value 0.00089
scoring_system epss
scoring_elements 0.25246
published_at 2026-04-21T12:55:00Z
7
value 0.00089
scoring_system epss
scoring_elements 0.25276
published_at 2026-04-18T12:55:00Z
8
value 0.00089
scoring_system epss
scoring_elements 0.25286
published_at 2026-04-16T12:55:00Z
9
value 0.00089
scoring_system epss
scoring_elements 0.2528
published_at 2026-04-13T12:55:00Z
10
value 0.00089
scoring_system epss
scoring_elements 0.25333
published_at 2026-04-12T12:55:00Z
11
value 0.00089
scoring_system epss
scoring_elements 0.25374
published_at 2026-04-11T12:55:00Z
12
value 0.00089
scoring_system epss
scoring_elements 0.25363
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-27191
2
reference_url https://cs.opensource.google/go/x/crypto
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://cs.opensource.google/go/x/crypto
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27191
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27191
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://go.dev/cl/392355
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/392355
6
reference_url https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.googlesource.com/crypto/+/1baeb1ce4c0b006eff0f294c47cb7617598dfb3d
7
reference_url https://groups.google.com/g/golang-announce
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce
8
reference_url https://groups.google.com/g/golang-announce/c/-cp44ypCT5s
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce/c/-cp44ypCT5s
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-27191
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-27191
21
reference_url https://pkg.go.dev/vuln/GO-2021-0356
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2021-0356
22
reference_url https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://raw.githubusercontent.com/golang/vulndb/df2d3d326300e2ae768f00351ffa96cc2c56cf54/reports/GO-2021-0356.yaml
23
reference_url https://security.netapp.com/advisory/ntap-20220429-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220429-0002
24
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2064702
reference_id 2064702
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2064702
25
reference_url https://access.redhat.com/errata/RHSA-2022:5068
reference_id RHSA-2022:5068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5068
26
reference_url https://access.redhat.com/errata/RHSA-2022:5069
reference_id RHSA-2022:5069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5069
27
reference_url https://access.redhat.com/errata/RHSA-2022:6527
reference_id RHSA-2022:6527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6527
28
reference_url https://access.redhat.com/errata/RHSA-2022:7401
reference_id RHSA-2022:7401
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7401
29
reference_url https://access.redhat.com/errata/RHSA-2022:7457
reference_id RHSA-2022:7457
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7457
30
reference_url https://access.redhat.com/errata/RHSA-2022:7469
reference_id RHSA-2022:7469
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7469
31
reference_url https://access.redhat.com/errata/RHSA-2022:7954
reference_id RHSA-2022:7954
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7954
32
reference_url https://access.redhat.com/errata/RHSA-2022:8634
reference_id RHSA-2022:8634
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8634
33
reference_url https://access.redhat.com/errata/RHSA-2022:8893
reference_id RHSA-2022:8893
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8893
34
reference_url https://access.redhat.com/errata/RHSA-2022:8932
reference_id RHSA-2022:8932
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8932
35
reference_url https://access.redhat.com/errata/RHSA-2022:8938
reference_id RHSA-2022:8938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8938
36
reference_url https://access.redhat.com/errata/RHSA-2022:9096
reference_id RHSA-2022:9096
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9096
37
reference_url https://access.redhat.com/errata/RHSA-2022:9107
reference_id RHSA-2022:9107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9107
38
reference_url https://access.redhat.com/errata/RHSA-2023:1325
reference_id RHSA-2023:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1325
39
reference_url https://access.redhat.com/errata/RHSA-2023:1326
reference_id RHSA-2023:1326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1326
40
reference_url https://access.redhat.com/errata/RHSA-2023:3366
reference_id RHSA-2023:3366
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3366
41
reference_url https://access.redhat.com/errata/RHSA-2023:3943
reference_id RHSA-2023:3943
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3943
42
reference_url https://access.redhat.com/errata/RHSA-2023:4488
reference_id RHSA-2023:4488
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4488
fixed_packages
aliases CVE-2022-27191, GHSA-8c26-wmh5-6g9v
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1n1h-e2p4-9yhs
1
url VCID-35du-rm88-k7bw
vulnerability_id VCID-35du-rm88-k7bw
summary Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33195.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33195.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33195
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09083
published_at 2026-04-01T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09147
published_at 2026-04-26T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09159
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09202
published_at 2026-04-24T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09088
published_at 2026-04-02T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09141
published_at 2026-04-08T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09062
published_at 2026-04-07T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09173
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09172
published_at 2026-04-11T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09139
published_at 2026-04-12T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09126
published_at 2026-04-13T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.0902
published_at 2026-04-16T12:55:00Z
12
value 0.00032
scoring_system epss
scoring_elements 0.09
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33195
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33195
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33195
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1989564
reference_id 1989564
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1989564
5
reference_url https://security.archlinux.org/ASA-202106-42
reference_id ASA-202106-42
reference_type
scores
url https://security.archlinux.org/ASA-202106-42
6
reference_url https://security.archlinux.org/AVG-2006
reference_id AVG-2006
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2006
7
reference_url https://security.gentoo.org/glsa/202208-02
reference_id GLSA-202208-02
reference_type
scores
url https://security.gentoo.org/glsa/202208-02
8
reference_url https://access.redhat.com/errata/RHSA-2021:2983
reference_id RHSA-2021:2983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2983
9
reference_url https://access.redhat.com/errata/RHSA-2021:2984
reference_id RHSA-2021:2984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2984
10
reference_url https://access.redhat.com/errata/RHSA-2021:3009
reference_id RHSA-2021:3009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3009
11
reference_url https://access.redhat.com/errata/RHSA-2021:3146
reference_id RHSA-2021:3146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3146
12
reference_url https://access.redhat.com/errata/RHSA-2021:3229
reference_id RHSA-2021:3229
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3229
13
reference_url https://access.redhat.com/errata/RHSA-2021:3248
reference_id RHSA-2021:3248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3248
14
reference_url https://access.redhat.com/errata/RHSA-2021:3361
reference_id RHSA-2021:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3361
15
reference_url https://access.redhat.com/errata/RHSA-2021:3431
reference_id RHSA-2021:3431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3431
16
reference_url https://access.redhat.com/errata/RHSA-2021:3487
reference_id RHSA-2021:3487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3487
17
reference_url https://access.redhat.com/errata/RHSA-2021:3555
reference_id RHSA-2021:3555
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3555
18
reference_url https://access.redhat.com/errata/RHSA-2021:3556
reference_id RHSA-2021:3556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3556
19
reference_url https://access.redhat.com/errata/RHSA-2021:3598
reference_id RHSA-2021:3598
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3598
20
reference_url https://access.redhat.com/errata/RHSA-2021:3759
reference_id RHSA-2021:3759
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3759
21
reference_url https://access.redhat.com/errata/RHSA-2021:3820
reference_id RHSA-2021:3820
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3820
22
reference_url https://access.redhat.com/errata/RHSA-2021:4104
reference_id RHSA-2021:4104
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4104
23
reference_url https://access.redhat.com/errata/RHSA-2021:4156
reference_id RHSA-2021:4156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4156
24
reference_url https://access.redhat.com/errata/RHSA-2021:4226
reference_id RHSA-2021:4226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4226
25
reference_url https://access.redhat.com/errata/RHSA-2021:5072
reference_id RHSA-2021:5072
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5072
26
reference_url https://access.redhat.com/errata/RHSA-2021:5085
reference_id RHSA-2021:5085
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5085
27
reference_url https://access.redhat.com/errata/RHSA-2021:5086
reference_id RHSA-2021:5086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5086
28
reference_url https://access.redhat.com/errata/RHSA-2022:0191
reference_id RHSA-2022:0191
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0191
29
reference_url https://access.redhat.com/errata/RHSA-2022:0577
reference_id RHSA-2022:0577
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0577
30
reference_url https://access.redhat.com/errata/RHSA-2022:1329
reference_id RHSA-2022:1329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1329
31
reference_url https://access.redhat.com/errata/RHSA-2022:1402
reference_id RHSA-2022:1402
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1402
fixed_packages
aliases CVE-2021-33195
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-35du-rm88-k7bw
2
url VCID-5wtx-278c-nycq
vulnerability_id VCID-5wtx-278c-nycq
summary Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33198.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33198.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33198
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.08775
published_at 2026-04-01T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.08824
published_at 2026-04-26T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.08702
published_at 2026-04-18T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.08872
published_at 2026-04-24T12:55:00Z
4
value 0.00031
scoring_system epss
scoring_elements 0.08801
published_at 2026-04-02T12:55:00Z
5
value 0.00031
scoring_system epss
scoring_elements 0.0885
published_at 2026-04-04T12:55:00Z
6
value 0.00031
scoring_system epss
scoring_elements 0.08782
published_at 2026-04-07T12:55:00Z
7
value 0.00031
scoring_system epss
scoring_elements 0.0886
published_at 2026-04-08T12:55:00Z
8
value 0.00031
scoring_system epss
scoring_elements 0.08886
published_at 2026-04-09T12:55:00Z
9
value 0.00031
scoring_system epss
scoring_elements 0.08885
published_at 2026-04-11T12:55:00Z
10
value 0.00031
scoring_system epss
scoring_elements 0.08853
published_at 2026-04-21T12:55:00Z
11
value 0.00031
scoring_system epss
scoring_elements 0.08839
published_at 2026-04-13T12:55:00Z
12
value 0.00031
scoring_system epss
scoring_elements 0.08727
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33198
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33198
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33198
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1989575
reference_id 1989575
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1989575
5
reference_url https://security.archlinux.org/ASA-202106-42
reference_id ASA-202106-42
reference_type
scores
url https://security.archlinux.org/ASA-202106-42
6
reference_url https://security.archlinux.org/AVG-2006
reference_id AVG-2006
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2006
7
reference_url https://security.gentoo.org/glsa/202208-02
reference_id GLSA-202208-02
reference_type
scores
url https://security.gentoo.org/glsa/202208-02
8
reference_url https://access.redhat.com/errata/RHSA-2021:2983
reference_id RHSA-2021:2983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2983
9
reference_url https://access.redhat.com/errata/RHSA-2021:2984
reference_id RHSA-2021:2984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2984
10
reference_url https://access.redhat.com/errata/RHSA-2021:3009
reference_id RHSA-2021:3009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3009
11
reference_url https://access.redhat.com/errata/RHSA-2021:3146
reference_id RHSA-2021:3146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3146
12
reference_url https://access.redhat.com/errata/RHSA-2021:3229
reference_id RHSA-2021:3229
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3229
13
reference_url https://access.redhat.com/errata/RHSA-2021:3248
reference_id RHSA-2021:3248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3248
14
reference_url https://access.redhat.com/errata/RHSA-2021:3361
reference_id RHSA-2021:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3361
15
reference_url https://access.redhat.com/errata/RHSA-2021:3487
reference_id RHSA-2021:3487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3487
16
reference_url https://access.redhat.com/errata/RHSA-2021:3555
reference_id RHSA-2021:3555
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3555
17
reference_url https://access.redhat.com/errata/RHSA-2021:3556
reference_id RHSA-2021:3556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3556
18
reference_url https://access.redhat.com/errata/RHSA-2021:3598
reference_id RHSA-2021:3598
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3598
19
reference_url https://access.redhat.com/errata/RHSA-2021:3759
reference_id RHSA-2021:3759
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3759
20
reference_url https://access.redhat.com/errata/RHSA-2021:3820
reference_id RHSA-2021:3820
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3820
21
reference_url https://access.redhat.com/errata/RHSA-2021:4104
reference_id RHSA-2021:4104
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4104
22
reference_url https://access.redhat.com/errata/RHSA-2021:4156
reference_id RHSA-2021:4156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4156
23
reference_url https://access.redhat.com/errata/RHSA-2021:5072
reference_id RHSA-2021:5072
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5072
24
reference_url https://access.redhat.com/errata/RHSA-2021:5085
reference_id RHSA-2021:5085
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5085
25
reference_url https://access.redhat.com/errata/RHSA-2021:5086
reference_id RHSA-2021:5086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5086
26
reference_url https://access.redhat.com/errata/RHSA-2022:0191
reference_id RHSA-2022:0191
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0191
27
reference_url https://access.redhat.com/errata/RHSA-2022:0577
reference_id RHSA-2022:0577
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0577
28
reference_url https://access.redhat.com/errata/RHSA-2022:1329
reference_id RHSA-2022:1329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1329
29
reference_url https://access.redhat.com/errata/RHSA-2022:1402
reference_id RHSA-2022:1402
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1402
30
reference_url https://access.redhat.com/errata/RHSA-2022:7955
reference_id RHSA-2022:7955
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7955
31
reference_url https://access.redhat.com/errata/RHSA-2024:10289
reference_id RHSA-2024:10289
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10289
32
reference_url https://access.redhat.com/errata/RHSA-2024:2586
reference_id RHSA-2024:2586
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2586
33
reference_url https://access.redhat.com/errata/RHSA-2024:2988
reference_id RHSA-2024:2988
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2988
fixed_packages
aliases CVE-2021-33198
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5wtx-278c-nycq
3
url VCID-fa27-n4rs-h7gp
vulnerability_id VCID-fa27-n4rs-h7gp
summary 
Buildah's incorrect handling of the supplementary groups may lead to data disclosure, modification
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2990.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2990.json
1
reference_url https://access.redhat.com/security/cve/CVE-2022-2990
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2022-2990
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2990
reference_id
reference_type
scores
0
value 0.0009
scoring_system epss
scoring_elements 0.25422
published_at 2026-04-21T12:55:00Z
1
value 0.0009
scoring_system epss
scoring_elements 0.25454
published_at 2026-04-18T12:55:00Z
2
value 0.0009
scoring_system epss
scoring_elements 0.25464
published_at 2026-04-16T12:55:00Z
3
value 0.0009
scoring_system epss
scoring_elements 0.25459
published_at 2026-04-13T12:55:00Z
4
value 0.0009
scoring_system epss
scoring_elements 0.25517
published_at 2026-04-12T12:55:00Z
5
value 0.0009
scoring_system epss
scoring_elements 0.25558
published_at 2026-04-11T12:55:00Z
6
value 0.0009
scoring_system epss
scoring_elements 0.25664
published_at 2026-04-04T12:55:00Z
7
value 0.0009
scoring_system epss
scoring_elements 0.25379
published_at 2026-04-26T12:55:00Z
8
value 0.0009
scoring_system epss
scoring_elements 0.25386
published_at 2026-04-24T12:55:00Z
9
value 0.0009
scoring_system epss
scoring_elements 0.25547
published_at 2026-04-09T12:55:00Z
10
value 0.0009
scoring_system epss
scoring_elements 0.255
published_at 2026-04-08T12:55:00Z
11
value 0.0009
scoring_system epss
scoring_elements 0.25627
published_at 2026-04-02T12:55:00Z
12
value 0.0009
scoring_system epss
scoring_elements 0.25431
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2990
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2121453
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=2121453
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2990
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/containers/buildah
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/buildah
7
reference_url https://github.com/containers/buildah/commit/4a8bf740e862f2438279c6feee2ea59ddf0cda0b
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/buildah/commit/4a8bf740e862f2438279c6feee2ea59ddf0cda0b
8
reference_url https://github.com/containers/buildah/pull/4200
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/buildah/pull/4200
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2990
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-2990
10
reference_url https://pkg.go.dev/vuln/GO-2022-1008
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2022-1008
11
reference_url https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation
12
reference_url https://access.redhat.com/errata/RHSA-2022:7457
reference_id RHSA-2022:7457
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7457
13
reference_url https://access.redhat.com/errata/RHSA-2023:1325
reference_id RHSA-2023:1325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1325
fixed_packages
aliases CVE-2022-2990, GHSA-fjm8-m7m6-2fjp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fa27-n4rs-h7gp
4
url VCID-pqs8-s3dm-7ff2
vulnerability_id VCID-pqs8-s3dm-7ff2
summary 
Improper Locking in github.com/containers/storage
A deadlock vulnerability was found in `github.com/containers/storage` in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20291.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20291.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20291
reference_id
reference_type
scores
0
value 0.01026
scoring_system epss
scoring_elements 0.77355
published_at 2026-04-26T12:55:00Z
1
value 0.01026
scoring_system epss
scoring_elements 0.77283
published_at 2026-04-13T12:55:00Z
2
value 0.01026
scoring_system epss
scoring_elements 0.77349
published_at 2026-04-24T12:55:00Z
3
value 0.01026
scoring_system epss
scoring_elements 0.77315
published_at 2026-04-21T12:55:00Z
4
value 0.01026
scoring_system epss
scoring_elements 0.77323
published_at 2026-04-18T12:55:00Z
5
value 0.01026
scoring_system epss
scoring_elements 0.77324
published_at 2026-04-16T12:55:00Z
6
value 0.01026
scoring_system epss
scoring_elements 0.77221
published_at 2026-04-01T12:55:00Z
7
value 0.01026
scoring_system epss
scoring_elements 0.77228
published_at 2026-04-02T12:55:00Z
8
value 0.01026
scoring_system epss
scoring_elements 0.77257
published_at 2026-04-04T12:55:00Z
9
value 0.01026
scoring_system epss
scoring_elements 0.77239
published_at 2026-04-07T12:55:00Z
10
value 0.01026
scoring_system epss
scoring_elements 0.7727
published_at 2026-04-08T12:55:00Z
11
value 0.01026
scoring_system epss
scoring_elements 0.77279
published_at 2026-04-09T12:55:00Z
12
value 0.01026
scoring_system epss
scoring_elements 0.77306
published_at 2026-04-11T12:55:00Z
13
value 0.01026
scoring_system epss
scoring_elements 0.77286
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20291
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1939485
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1939485
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20291
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20291
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/containers/storage
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/storage
6
reference_url https://github.com/containers/storage/commit/306fcabc964470e4b3b87a43a8f6b7d698209ee1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/storage/commit/306fcabc964470e4b3b87a43a8f6b7d698209ee1
7
reference_url https://github.com/containers/storage/pull/860
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containers/storage/pull/860
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5D7XL7FL24TWFMGQ3K2S72EOUSLZMKL
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5D7XL7FL24TWFMGQ3K2S72EOUSLZMKL
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYOHNG2Q7DCAQZMGYLMENLKALGDLG3X
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYOHNG2Q7DCAQZMGYLMENLKALGDLG3X
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WX24EITRXVHDM5M223BVTJA2ODF2FSHI
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WX24EITRXVHDM5M223BVTJA2ODF2FSHI
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNMB7O2UIXE34PGSCSOULGHPX5LIJBMM
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNMB7O2UIXE34PGSCSOULGHPX5LIJBMM
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20291
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20291
13
reference_url https://pkg.go.dev/vuln/GO-2021-0100
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2021-0100
14
reference_url https://unit42.paloaltonetworks.com/cve-2021-20291
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://unit42.paloaltonetworks.com/cve-2021-20291
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988942
reference_id 988942
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988942
16
reference_url https://access.redhat.com/errata/RHSA-2021:1150
reference_id RHSA-2021:1150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1150
17
reference_url https://access.redhat.com/errata/RHSA-2021:2438
reference_id RHSA-2021:2438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2438
18
reference_url https://access.redhat.com/errata/RHSA-2021:4154
reference_id RHSA-2021:4154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4154
19
reference_url https://access.redhat.com/errata/RHSA-2022:7954
reference_id RHSA-2022:7954
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7954
20
reference_url https://access.redhat.com/errata/RHSA-2022:7955
reference_id RHSA-2022:7955
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7955
fixed_packages
aliases CVE-2021-20291, GHSA-7qw8-847f-pggm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqs8-s3dm-7ff2
5
url VCID-ttsj-3bd1-tfhu
vulnerability_id VCID-ttsj-3bd1-tfhu
summary 
Podman's incorrect handling of the supplementary groups may lead to data disclosure, modification
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
references
0
reference_url https://access.redhat.com/errata/RHSA-2022:7822
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2022:7822
1
reference_url https://access.redhat.com/errata/RHSA-2022:8008
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2022:8008
2
reference_url https://access.redhat.com/errata/RHSA-2022:8431
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2022:8431
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2989.json
reference_id
reference_type
scores
0
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2989.json
4
reference_url https://access.redhat.com/security/cve/CVE-2022-2989
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2022-2989
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2989
reference_id
reference_type
scores
0
value 0.00046
scoring_system epss
scoring_elements 0.143
published_at 2026-04-11T12:55:00Z
1
value 0.00046
scoring_system epss
scoring_elements 0.14217
published_at 2026-04-07T12:55:00Z
2
value 0.00046
scoring_system epss
scoring_elements 0.1441
published_at 2026-04-04T12:55:00Z
3
value 0.00046
scoring_system epss
scoring_elements 0.14346
published_at 2026-04-02T12:55:00Z
4
value 0.00046
scoring_system epss
scoring_elements 0.14179
published_at 2026-04-26T12:55:00Z
5
value 0.00046
scoring_system epss
scoring_elements 0.14203
published_at 2026-04-24T12:55:00Z
6
value 0.00046
scoring_system epss
scoring_elements 0.1417
published_at 2026-04-21T12:55:00Z
7
value 0.00046
scoring_system epss
scoring_elements 0.14095
published_at 2026-04-18T12:55:00Z
8
value 0.00046
scoring_system epss
scoring_elements 0.14096
published_at 2026-04-16T12:55:00Z
9
value 0.00046
scoring_system epss
scoring_elements 0.14206
published_at 2026-04-13T12:55:00Z
10
value 0.00046
scoring_system epss
scoring_elements 0.14261
published_at 2026-04-12T12:55:00Z
11
value 0.00046
scoring_system epss
scoring_elements 0.14354
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2989
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2121445
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-05T18:14:40Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2121445
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2989
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/containers/podman
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman
10
reference_url https://github.com/containers/podman/pull/15618
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman/pull/15618
11
reference_url https://github.com/containers/podman/pull/15677
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman/pull/15677
12
reference_url https://github.com/containers/podman/pull/15696
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/containers/podman/pull/15696
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-2989
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-2989
14
reference_url https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019591
reference_id 1019591
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019591
16
reference_url https://security.gentoo.org/glsa/202407-12
reference_id GLSA-202407-12
reference_type
scores
url https://security.gentoo.org/glsa/202407-12
17
reference_url https://access.redhat.com/errata/RHSA-2023:2802
reference_id RHSA-2023:2802
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2802
18
reference_url https://access.redhat.com/errata/RHSA-2023:3613
reference_id RHSA-2023:3613
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3613
19
reference_url https://usn.ubuntu.com/6295-1/
reference_id USN-6295-1
reference_type
scores
url https://usn.ubuntu.com/6295-1/
20
reference_url https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
reference_id vulnerability-in-linux-containers-investigation-and-mitigation
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-05T18:14:40Z/
url https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
fixed_packages
aliases CVE-2022-2989, GHSA-4wjj-jwc9-2x96
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ttsj-3bd1-tfhu
6
url VCID-z1ct-cecz-mqer
vulnerability_id VCID-z1ct-cecz-mqer
summary Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33197.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33197.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33197
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.11881
published_at 2026-04-01T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.11845
published_at 2026-04-26T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11905
published_at 2026-04-21T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11876
published_at 2026-04-24T12:55:00Z
4
value 0.00039
scoring_system epss
scoring_elements 0.11994
published_at 2026-04-02T12:55:00Z
5
value 0.00039
scoring_system epss
scoring_elements 0.12037
published_at 2026-04-04T12:55:00Z
6
value 0.00039
scoring_system epss
scoring_elements 0.11839
published_at 2026-04-07T12:55:00Z
7
value 0.00039
scoring_system epss
scoring_elements 0.11922
published_at 2026-04-08T12:55:00Z
8
value 0.00039
scoring_system epss
scoring_elements 0.11974
published_at 2026-04-09T12:55:00Z
9
value 0.00039
scoring_system epss
scoring_elements 0.11981
published_at 2026-04-11T12:55:00Z
10
value 0.00039
scoring_system epss
scoring_elements 0.11944
published_at 2026-04-12T12:55:00Z
11
value 0.00039
scoring_system epss
scoring_elements 0.11918
published_at 2026-04-13T12:55:00Z
12
value 0.00039
scoring_system epss
scoring_elements 0.11787
published_at 2026-04-16T12:55:00Z
13
value 0.00039
scoring_system epss
scoring_elements 0.11785
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33197
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33197
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33197
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1989570
reference_id 1989570
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1989570
5
reference_url https://security.archlinux.org/ASA-202106-42
reference_id ASA-202106-42
reference_type
scores
url https://security.archlinux.org/ASA-202106-42
6
reference_url https://security.archlinux.org/AVG-2006
reference_id AVG-2006
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2006
7
reference_url https://security.gentoo.org/glsa/202208-02
reference_id GLSA-202208-02
reference_type
scores
url https://security.gentoo.org/glsa/202208-02
8
reference_url https://access.redhat.com/errata/RHSA-2021:2983
reference_id RHSA-2021:2983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2983
9
reference_url https://access.redhat.com/errata/RHSA-2021:2984
reference_id RHSA-2021:2984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2984
10
reference_url https://access.redhat.com/errata/RHSA-2021:3009
reference_id RHSA-2021:3009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3009
11
reference_url https://access.redhat.com/errata/RHSA-2021:3146
reference_id RHSA-2021:3146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3146
12
reference_url https://access.redhat.com/errata/RHSA-2021:3229
reference_id RHSA-2021:3229
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3229
13
reference_url https://access.redhat.com/errata/RHSA-2021:3248
reference_id RHSA-2021:3248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3248
14
reference_url https://access.redhat.com/errata/RHSA-2021:3361
reference_id RHSA-2021:3361
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3361
15
reference_url https://access.redhat.com/errata/RHSA-2021:3431
reference_id RHSA-2021:3431
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3431
16
reference_url https://access.redhat.com/errata/RHSA-2021:3487
reference_id RHSA-2021:3487
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3487
17
reference_url https://access.redhat.com/errata/RHSA-2021:3555
reference_id RHSA-2021:3555
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3555
18
reference_url https://access.redhat.com/errata/RHSA-2021:3556
reference_id RHSA-2021:3556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3556
19
reference_url https://access.redhat.com/errata/RHSA-2021:3598
reference_id RHSA-2021:3598
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3598
20
reference_url https://access.redhat.com/errata/RHSA-2021:3759
reference_id RHSA-2021:3759
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3759
21
reference_url https://access.redhat.com/errata/RHSA-2021:3820
reference_id RHSA-2021:3820
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3820
22
reference_url https://access.redhat.com/errata/RHSA-2021:4104
reference_id RHSA-2021:4104
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4104
23
reference_url https://access.redhat.com/errata/RHSA-2021:4156
reference_id RHSA-2021:4156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4156
24
reference_url https://access.redhat.com/errata/RHSA-2021:4226
reference_id RHSA-2021:4226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4226
25
reference_url https://access.redhat.com/errata/RHSA-2021:5072
reference_id RHSA-2021:5072
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5072
26
reference_url https://access.redhat.com/errata/RHSA-2021:5085
reference_id RHSA-2021:5085
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5085
27
reference_url https://access.redhat.com/errata/RHSA-2021:5086
reference_id RHSA-2021:5086
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:5086
28
reference_url https://access.redhat.com/errata/RHSA-2022:0191
reference_id RHSA-2022:0191
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0191
29
reference_url https://access.redhat.com/errata/RHSA-2022:0577
reference_id RHSA-2022:0577
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0577
30
reference_url https://access.redhat.com/errata/RHSA-2022:1329
reference_id RHSA-2022:1329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1329
31
reference_url https://access.redhat.com/errata/RHSA-2022:1402
reference_id RHSA-2022:1402
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1402
32
reference_url https://access.redhat.com/errata/RHSA-2022:7954
reference_id RHSA-2022:7954
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7954
fixed_packages
aliases CVE-2021-33197
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z1ct-cecz-mqer
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@1:1.27.0-2%3Farch=el9