Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-b2qe-8u58-2qck
Summary
IPv6 enabled on IPv4-only network interfaces
In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where `--ipv6=false`.

### Impact

A container with an `ipvlan` or `macvlan` interface will normally be configured to share an external network link with the host machine. Because of this direct access, with IPv6 enabled:

- Containers may be able to communicate with other hosts on the local network over link-local IPv6 addresses.
- If router advertisements are being broadcast over the local network, containers may get SLAAC-assigned addresses.
- The interface  will be a member of IPv6 multicast groups.

This means interfaces in IPv4-only networks present an unexpectedly and unnecessarily increased attack surface.

A container with an unexpected IPv6 address can do anything a container configured with an IPv6 address can do. That is, listen for connections on its IPv6 address, open connections to other nodes on the network over IPv6, or attempt a DoS attack by flooding packets from its IPv6 address. This has CVSS score AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L (2.7).

Because the container may not be constrained by an IPv6 firewall, there is increased potential for data exfiltration from the container. This has CVSS score AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N (4.7).

A remote attacker could send malicious Router Advertisements to divert traffic to itself, a black-hole, or another device. The same attack is possible today for IPv4 macvlan/ipvlan endpoints with ARP spoofing, TLS is commonly used by Internet APIs to mitigate this risk. The presence of an IPv6 route could impact the container's availability by indirectly abusing the behaviour of software which behaves poorly in a dual-stack environment. For example, it could resolve a name to a DNS AAAA record and keep trying to connect over IPv6 without ever falling back to IPv4, potentially denying service to the container. This has CVSS score AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (4.5).

### Patches

The issue is patched in 26.0.2.

### Workarounds

To completely disable IPv6 in a container, use `--sysctl=net.ipv6.conf.all.disable_ipv6=1` in the `docker create` or `docker run` command. Or, in the service configuration of a `compose` file, the equivalent:

```
        sysctls:
            - net.ipv6.conf.all.disable_ipv6=1
```

### References

- sysctl configuration using `docker run`:
  - https://docs.docker.com/reference/cli/docker/container/run/#sysctl
- sysctl configuration using `docker compose`:
  - https://docs.docker.com/compose/compose-file/compose-file-v3/#sysctls
Aliases
0
alias CVE-2024-32473
1
alias GHSA-x84c-p2g9-rqv9
Fixed_packages
0
url pkg:apk/alpine/docker@26.0.2-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=riscv64&distroversion=v3.22&reponame=community
1
url pkg:apk/alpine/docker@26.0.2-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=x86_64&distroversion=v3.22&reponame=community
2
url pkg:apk/alpine/docker@26.0.2-r0?arch=aarch64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=aarch64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=aarch64&distroversion=v3.20&reponame=community
3
url pkg:apk/alpine/docker@26.0.2-r0?arch=armhf&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=armhf&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=armhf&distroversion=v3.20&reponame=community
4
url pkg:apk/alpine/docker@26.0.2-r0?arch=armv7&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=armv7&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=armv7&distroversion=v3.20&reponame=community
5
url pkg:apk/alpine/docker@26.0.2-r0?arch=ppc64le&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=ppc64le&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community
6
url pkg:apk/alpine/docker@26.0.2-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=riscv64&distroversion=v3.20&reponame=community
7
url pkg:apk/alpine/docker@26.0.2-r0?arch=s390x&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=s390x&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=s390x&distroversion=v3.20&reponame=community
8
url pkg:apk/alpine/docker@26.0.2-r0?arch=x86&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=x86&distroversion=v3.20&reponame=community
9
url pkg:apk/alpine/docker@26.0.2-r0?arch=x86_64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=x86_64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=x86_64&distroversion=v3.20&reponame=community
10
url pkg:apk/alpine/docker@26.0.2-r0?arch=aarch64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=aarch64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=aarch64&distroversion=v3.21&reponame=community
11
url pkg:apk/alpine/docker@26.0.2-r0?arch=armhf&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=armhf&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=armhf&distroversion=v3.21&reponame=community
12
url pkg:apk/alpine/docker@26.0.2-r0?arch=armv7&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=armv7&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=armv7&distroversion=v3.21&reponame=community
13
url pkg:apk/alpine/docker@26.0.2-r0?arch=loongarch64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=loongarch64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community
14
url pkg:apk/alpine/docker@26.0.2-r0?arch=x86_64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=x86_64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=x86_64&distroversion=v3.21&reponame=community
15
url pkg:apk/alpine/docker@26.0.2-r0?arch=loongarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=loongarch64&distroversion=edge&reponame=community
16
url pkg:apk/alpine/docker@26.0.2-r0?arch=ppc64le&distroversion=edge&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=ppc64le&distroversion=edge&reponame=community
17
url pkg:apk/alpine/docker@26.0.2-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community
18
url pkg:apk/alpine/docker@26.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
19
url pkg:apk/alpine/docker@26.0.2-r0?arch=x86&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=x86&distroversion=v3.23&reponame=community
20
url pkg:apk/alpine/docker@26.0.2-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=x86_64&distroversion=v3.23&reponame=community
21
url pkg:apk/alpine/docker@26.0.2-r0?arch=ppc64le&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=ppc64le&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community
22
url pkg:apk/alpine/docker@26.0.2-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=riscv64&distroversion=v3.21&reponame=community
23
url pkg:apk/alpine/docker@26.0.2-r0?arch=s390x&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=s390x&distroversion=v3.21&reponame=community
24
url pkg:apk/alpine/docker@26.0.2-r0?arch=x86&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=x86&distroversion=v3.21&reponame=community
25
url pkg:apk/alpine/docker@26.0.2-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=aarch64&distroversion=edge&reponame=community
26
url pkg:apk/alpine/docker@26.0.2-r0?arch=armhf&distroversion=edge&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=armhf&distroversion=edge&reponame=community
27
url pkg:apk/alpine/docker@26.0.2-r0?arch=armv7&distroversion=edge&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=armv7&distroversion=edge&reponame=community
28
url pkg:apk/alpine/docker@26.0.2-r0?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=riscv64&distroversion=edge&reponame=community
29
url pkg:apk/alpine/docker@26.0.2-r0?arch=s390x&distroversion=edge&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=s390x&distroversion=edge&reponame=community
30
url pkg:apk/alpine/docker@26.0.2-r0?arch=x86&distroversion=edge&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=x86&distroversion=edge&reponame=community
31
url pkg:apk/alpine/docker@26.0.2-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=x86_64&distroversion=edge&reponame=community
32
url pkg:apk/alpine/docker@26.0.2-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=aarch64&distroversion=v3.22&reponame=community
33
url pkg:apk/alpine/docker@26.0.2-r0?arch=armhf&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=armhf&distroversion=v3.22&reponame=community
34
url pkg:apk/alpine/docker@26.0.2-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=armv7&distroversion=v3.22&reponame=community
35
url pkg:apk/alpine/docker@26.0.2-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community
36
url pkg:apk/alpine/docker@26.0.2-r0?arch=s390x&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=s390x&distroversion=v3.22&reponame=community
37
url pkg:apk/alpine/docker@26.0.2-r0?arch=x86&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=x86&distroversion=v3.22&reponame=community
38
url pkg:apk/alpine/docker@26.0.2-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=aarch64&distroversion=v3.23&reponame=community
39
url pkg:apk/alpine/docker@26.0.2-r0?arch=armhf&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=armhf&distroversion=v3.23&reponame=community
40
url pkg:apk/alpine/docker@26.0.2-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=armv7&distroversion=v3.23&reponame=community
41
url pkg:apk/alpine/docker@26.0.2-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community
42
url pkg:apk/alpine/docker@26.0.2-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=riscv64&distroversion=v3.23&reponame=community
43
url pkg:apk/alpine/docker@26.0.2-r0?arch=s390x&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/docker@26.0.2-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@26.0.2-r0%3Farch=s390x&distroversion=v3.23&reponame=community
44
url pkg:deb/debian/docker.io@20.10.24%2Bdfsg1-1
purl pkg:deb/debian/docker.io@20.10.24%2Bdfsg1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.24%252Bdfsg1-1
45
url pkg:deb/debian/docker.io@26.1.4%2Bdfsg1-9?distro=trixie
purl pkg:deb/debian/docker.io@26.1.4%2Bdfsg1-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@26.1.4%252Bdfsg1-9%3Fdistro=trixie
46
url pkg:deb/debian/docker.io@26.1.5%2Bdfsg1-9
purl pkg:deb/debian/docker.io@26.1.5%2Bdfsg1-9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@26.1.5%252Bdfsg1-9
47
url pkg:deb/debian/docker.io@26.1.5%2Bdfsg1-9?distro=trixie
purl pkg:deb/debian/docker.io@26.1.5%2Bdfsg1-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@26.1.5%252Bdfsg1-9%3Fdistro=trixie
48
url pkg:deb/debian/docker.io@28.5.2%2Bdfsg3-2?distro=trixie
purl pkg:deb/debian/docker.io@28.5.2%2Bdfsg3-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@28.5.2%252Bdfsg3-2%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/docker.io@20.10.5%2Bdfsg1-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/docker.io@20.10.5%2Bdfsg1-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sky-21r5-3qcu
1
vulnerability VCID-6tg9-3vhh-muae
2
vulnerability VCID-8e1u-z6kg-ryhc
3
vulnerability VCID-avqu-wswg-c3ga
4
vulnerability VCID-b2qe-8u58-2qck
5
vulnerability VCID-bzeb-kj67-vfds
6
vulnerability VCID-e82r-vc77-f7bz
7
vulnerability VCID-njcw-wc13-dqcz
8
vulnerability VCID-quyf-eq2s-dbda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.5%252Bdfsg1-1%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/docker.io@20.10.5%2Bdfsg1-1%2Bdeb11u2
purl pkg:deb/debian/docker.io@20.10.5%2Bdfsg1-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sky-21r5-3qcu
1
vulnerability VCID-41ft-14gt-bbbq
2
vulnerability VCID-6tg9-3vhh-muae
3
vulnerability VCID-8e1u-z6kg-ryhc
4
vulnerability VCID-avqu-wswg-c3ga
5
vulnerability VCID-b2qe-8u58-2qck
6
vulnerability VCID-bzeb-kj67-vfds
7
vulnerability VCID-e82r-vc77-f7bz
8
vulnerability VCID-njcw-wc13-dqcz
9
vulnerability VCID-quyf-eq2s-dbda
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.5%252Bdfsg1-1%252Bdeb11u2
2
url pkg:deb/debian/docker.io@20.10.24%2Bdfsg1-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/docker.io@20.10.24%2Bdfsg1-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sky-21r5-3qcu
1
vulnerability VCID-6tg9-3vhh-muae
2
vulnerability VCID-8e1u-z6kg-ryhc
3
vulnerability VCID-b2qe-8u58-2qck
4
vulnerability VCID-njcw-wc13-dqcz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.24%252Bdfsg1-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/docker.io@20.10.24%2Bdfsg1-1%2Bdeb12u1
purl pkg:deb/debian/docker.io@20.10.24%2Bdfsg1-1%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1sky-21r5-3qcu
1
vulnerability VCID-6tg9-3vhh-muae
2
vulnerability VCID-8e1u-z6kg-ryhc
3
vulnerability VCID-b2qe-8u58-2qck
4
vulnerability VCID-njcw-wc13-dqcz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.24%252Bdfsg1-1%252Bdeb12u1
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32473.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32473.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32473
reference_id
reference_type
scores
0
value 0.00095
scoring_system epss
scoring_elements 0.26254
published_at 2026-04-21T12:55:00Z
1
value 0.00095
scoring_system epss
scoring_elements 0.2629
published_at 2026-04-18T12:55:00Z
2
value 0.00095
scoring_system epss
scoring_elements 0.26317
published_at 2026-04-16T12:55:00Z
3
value 0.00095
scoring_system epss
scoring_elements 0.26307
published_at 2026-04-13T12:55:00Z
4
value 0.00095
scoring_system epss
scoring_elements 0.26366
published_at 2026-04-12T12:55:00Z
5
value 0.00095
scoring_system epss
scoring_elements 0.26412
published_at 2026-04-11T12:55:00Z
6
value 0.00095
scoring_system epss
scoring_elements 0.26403
published_at 2026-04-09T12:55:00Z
7
value 0.00095
scoring_system epss
scoring_elements 0.26353
published_at 2026-04-08T12:55:00Z
8
value 0.00095
scoring_system epss
scoring_elements 0.26286
published_at 2026-04-07T12:55:00Z
9
value 0.00095
scoring_system epss
scoring_elements 0.26467
published_at 2026-04-02T12:55:00Z
10
value 0.00095
scoring_system epss
scoring_elements 0.2651
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32473
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32473
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/moby/moby
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/moby/moby
5
reference_url https://github.com/moby/moby/commit/7cef0d9cd1cf221d8c0b7b7aeda69552649e0642
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T13:58:32Z/
url https://github.com/moby/moby/commit/7cef0d9cd1cf221d8c0b7b7aeda69552649e0642
6
reference_url https://github.com/moby/moby/security/advisories/GHSA-x84c-p2g9-rqv9
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T13:58:32Z/
url https://github.com/moby/moby/security/advisories/GHSA-x84c-p2g9-rqv9
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-32473
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-32473
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070378
reference_id 1070378
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070378
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2276026
reference_id 2276026
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2276026
Weaknesses
0
cwe_id 668
name Exposure of Resource to Wrong Sphere
description The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-b2qe-8u58-2qck