Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-3brf-dmwm-qkgj
Summary
Supplementary groups are not set up properly in github.com/containerd/containerd
### Impact

A bug was found in containerd where supplementary groups are not set up properly inside a container.  If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use supplementary group access to bypass primary group restrictions in some cases, potentially gaining access to sensitive information or gaining the ability to execute code in that container.

Downstream applications that use the containerd client library may be affected as well.

### Patches
This bug has been fixed in containerd v1.6.18 and v.1.5.18.  Users should update to these versions and recreate containers to resolve this issue.  Users who rely on a downstream application that uses containerd's client library should check that application for a separate advisory and instructions.

### Workarounds

Ensure that the `"USER $USERNAME"` Dockerfile instruction is not used.  Instead, set the container entrypoint to a value similar to `ENTRYPOINT ["su", "-", "user"]` to allow `su` to properly set up supplementary groups.

### References

- https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
- Docker/Moby: CVE-2022-36109, fixed in Docker 20.10.18
- CRI-O: CVE-2022-2995, fixed in CRI-O 1.25.0
- Podman: CVE-2022-2989, fixed in Podman 3.0.1 and 4.2.0
- Buildah: CVE-2022-2990, fixed in Buildah 1.27.1

Note that CVE IDs apply to a particular implementation, even if an issue is common.

### For more information

If you have any questions or comments about this advisory:

* Open an issue in [containerd](https://github.com/containerd/containerd/issues/new/choose)
* Email us at [security@containerd.io](mailto:security@containerd.io)

To report a security issue in containerd:
* [Report a new vulnerability](https://github.com/containerd/containerd/security/advisories/new)
* Email us at [security@containerd.io](mailto:security@containerd.io)
Aliases
0
alias CVE-2023-25173
1
alias GHSA-hmfx-3pcx-653p
Fixed_packages
0
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armv7&distroversion=v3.18&reponame=community
1
url pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=s390x&distroversion=v3.18&reponame=community
2
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86&distroversion=v3.18&reponame=community
3
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86_64&distroversion=v3.18&reponame=community
4
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86_64&distroversion=v3.17&reponame=community
5
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86_64&distroversion=edge&reponame=community
6
url pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community
7
url pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=aarch64&distroversion=v3.22&reponame=community
8
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armhf&distroversion=v3.22&reponame=community
9
url pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community
10
url pkg:apk/alpine/containerd@1.6.18-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=riscv64&distroversion=v3.22&reponame=community
11
url pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=s390x&distroversion=v3.22&reponame=community
12
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86&distroversion=v3.22&reponame=community
13
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86_64&distroversion=v3.22&reponame=community
14
url pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=aarch64&distroversion=v3.23&reponame=community
15
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armhf&distroversion=v3.23&reponame=community
16
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armv7&distroversion=v3.23&reponame=community
17
url pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
18
url pkg:apk/alpine/containerd@1.6.18-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=riscv64&distroversion=v3.23&reponame=community
19
url pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=s390x&distroversion=v3.23&reponame=community
20
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86&distroversion=v3.23&reponame=community
21
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86_64&distroversion=v3.23&reponame=community
22
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armhf&distroversion=v3.19&reponame=community
23
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armv7&distroversion=v3.19&reponame=community
24
url pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community
25
url pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=s390x&distroversion=v3.19&reponame=community
26
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86&distroversion=v3.19&reponame=community
27
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86_64&distroversion=v3.19&reponame=community
28
url pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=aarch64&distroversion=v3.20&reponame=community
29
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armhf&distroversion=v3.20&reponame=community
30
url pkg:apk/alpine/containerd@1.6.18-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=riscv64&distroversion=v3.20&reponame=community
31
url pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=s390x&distroversion=v3.20&reponame=community
32
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86&distroversion=v3.20&reponame=community
33
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86_64&distroversion=v3.20&reponame=community
34
url pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=aarch64&distroversion=v3.21&reponame=community
35
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armhf&distroversion=v3.21&reponame=community
36
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armv7&distroversion=v3.21&reponame=community
37
url pkg:apk/alpine/containerd@1.6.18-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=riscv64&distroversion=v3.21&reponame=community
38
url pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=s390x&distroversion=v3.21&reponame=community
39
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86&distroversion=v3.21&reponame=community
40
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86_64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86_64&distroversion=v3.21&reponame=community
41
url pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=ppc64le&distroversion=v3.18&reponame=community
42
url pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
43
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armhf&distroversion=v3.17&reponame=community
44
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armv7&distroversion=v3.17&reponame=community
45
url pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=ppc64le&distroversion=v3.17&reponame=community
46
url pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=s390x&distroversion=v3.17&reponame=community
47
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86&distroversion=v3.17&reponame=community
48
url pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=aarch64&distroversion=edge&reponame=community
49
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=edge&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armhf&distroversion=edge&reponame=community
50
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=edge&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armv7&distroversion=edge&reponame=community
51
url pkg:apk/alpine/containerd@1.6.18-r0?arch=loongarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=loongarch64&distroversion=edge&reponame=community
52
url pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=edge&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=ppc64le&distroversion=edge&reponame=community
53
url pkg:apk/alpine/containerd@1.6.18-r0?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=riscv64&distroversion=edge&reponame=community
54
url pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=edge&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=s390x&distroversion=edge&reponame=community
55
url pkg:apk/alpine/containerd@1.6.18-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community
56
url pkg:apk/alpine/containerd@1.6.18-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community
57
url pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=aarch64&distroversion=v3.19&reponame=community
58
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armv7&distroversion=v3.20&reponame=community
59
url pkg:apk/alpine/containerd@1.6.18-r0?arch=loongarch64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=loongarch64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community
60
url pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=ppc64le&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community
61
url pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=aarch64&distroversion=v3.18&reponame=community
62
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armhf&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armhf&distroversion=v3.18&reponame=community
63
url pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=edge&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=x86&distroversion=edge&reponame=community
64
url pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/containerd@1.6.18-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.6.18-r0%3Farch=armv7&distroversion=v3.22&reponame=community
65
url pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u4?distro=trixie
purl pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u4%3Fdistro=trixie
66
url pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u4
purl pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-f2yv-ut5v-m7ey
1
vulnerability VCID-twq1-g136-9kc3
2
vulnerability VCID-xd4a-qav4-uqd1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u4
67
url pkg:deb/debian/containerd@1.6.18~ds1-1?distro=trixie
purl pkg:deb/debian/containerd@1.6.18~ds1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@1.6.18~ds1-1%3Fdistro=trixie
68
url pkg:deb/debian/containerd@1.6.20~ds1-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/containerd@1.6.20~ds1-1%2Bdeb12u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-xd4a-qav4-uqd1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@1.6.20~ds1-1%252Bdeb12u2%3Fdistro=trixie
69
url pkg:deb/debian/containerd@1.7.24~ds1-6%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/containerd@1.7.24~ds1-6%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@1.7.24~ds1-6%252Bdeb13u1%3Fdistro=trixie
70
url pkg:deb/debian/containerd@2.1.4~ds2-8?distro=trixie
purl pkg:deb/debian/containerd@2.1.4~ds2-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@2.1.4~ds2-8%3Fdistro=trixie
71
url pkg:deb/debian/containerd@2.1.6%2Bds1-1?distro=trixie
purl pkg:deb/debian/containerd@2.1.6%2Bds1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@2.1.6%252Bds1-1%3Fdistro=trixie
72
url pkg:ebuild/app-containers/containerd@1.6.19
purl pkg:ebuild/app-containers/containerd@1.6.19
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/containerd@1.6.19
73
url pkg:golang/github.com/containerd/containerd@1.5.18
purl pkg:golang/github.com/containerd/containerd@1.5.18
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/containerd/containerd@1.5.18
74
url pkg:golang/github.com/containerd/containerd@1.6.18
purl pkg:golang/github.com/containerd/containerd@1.6.18
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/containerd/containerd@1.6.18
Affected_packages
0
url pkg:deb/debian/containerd@1.4.5~ds1-2
purl pkg:deb/debian/containerd@1.4.5~ds1-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1ucu-ewxj-xfhp
1
vulnerability VCID-3brf-dmwm-qkgj
2
vulnerability VCID-9qpc-77v8-13hw
3
vulnerability VCID-f2yv-ut5v-m7ey
4
vulnerability VCID-kuwr-ugf2-rke4
5
vulnerability VCID-tc5s-4nx2-y7d9
6
vulnerability VCID-twq1-g136-9kc3
7
vulnerability VCID-xd4a-qav4-uqd1
8
vulnerability VCID-yyye-gaug-8uh2
9
vulnerability VCID-zedh-ff93-yka4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@1.4.5~ds1-2
1
url pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u2
purl pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3brf-dmwm-qkgj
1
vulnerability VCID-f2yv-ut5v-m7ey
2
vulnerability VCID-tc5s-4nx2-y7d9
3
vulnerability VCID-twq1-g136-9kc3
4
vulnerability VCID-xd4a-qav4-uqd1
5
vulnerability VCID-yyye-gaug-8uh2
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u2
2
url pkg:rpm/redhat/buildah@1:1.31.3-1?arch=el9
purl pkg:rpm/redhat/buildah@1:1.31.3-1?arch=el9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3brf-dmwm-qkgj
1
vulnerability VCID-4ufj-v5z1-huec
2
vulnerability VCID-a473-9skg-tkbn
3
vulnerability VCID-b9yc-jqye-afan
4
vulnerability VCID-e44x-a9xm-6ke9
5
vulnerability VCID-evjj-hwvm-fbca
6
vulnerability VCID-jbd8-1tkr-4bb2
7
vulnerability VCID-rh89-8td9-tudk
8
vulnerability VCID-sdd3-35ng-g7a3
9
vulnerability VCID-uvxd-979q-ybdy
10
vulnerability VCID-zg2y-sb18-p3ah
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@1:1.31.3-1%3Farch=el9
3
url pkg:rpm/redhat/openshift-serverless-clients@1.8.1-3?arch=el8
purl pkg:rpm/redhat/openshift-serverless-clients@1.8.1-3?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3brf-dmwm-qkgj
1
vulnerability VCID-4ufj-v5z1-huec
2
vulnerability VCID-b9yc-jqye-afan
3
vulnerability VCID-e44x-a9xm-6ke9
4
vulnerability VCID-evjj-hwvm-fbca
5
vulnerability VCID-sdd3-35ng-g7a3
6
vulnerability VCID-yr11-kwf1-pqfz
7
vulnerability VCID-zg2y-sb18-p3ah
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift-serverless-clients@1.8.1-3%3Farch=el8
4
url pkg:rpm/redhat/podman@2:4.6.1-5?arch=el9
purl pkg:rpm/redhat/podman@2:4.6.1-5?arch=el9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3brf-dmwm-qkgj
1
vulnerability VCID-4ufj-v5z1-huec
2
vulnerability VCID-a473-9skg-tkbn
3
vulnerability VCID-b9yc-jqye-afan
4
vulnerability VCID-e44x-a9xm-6ke9
5
vulnerability VCID-evjj-hwvm-fbca
6
vulnerability VCID-jbd8-1tkr-4bb2
7
vulnerability VCID-k6de-54xk-dkfv
8
vulnerability VCID-rh89-8td9-tudk
9
vulnerability VCID-sdd3-35ng-g7a3
10
vulnerability VCID-uvxd-979q-ybdy
11
vulnerability VCID-yr11-kwf1-pqfz
12
vulnerability VCID-zg2y-sb18-p3ah
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@2:4.6.1-5%3Farch=el9
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25173.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25173.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25173
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05739
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05779
published_at 2026-04-04T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.06778
published_at 2026-04-13T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.06784
published_at 2026-04-12T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06791
published_at 2026-04-11T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.06759
published_at 2026-04-08T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.06708
published_at 2026-04-07T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06699
published_at 2026-04-18T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.06709
published_at 2026-04-16T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.06859
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25173
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25173
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25173
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/advisories/GHSA-4wjj-jwc9-2x96
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://github.com/advisories/GHSA-4wjj-jwc9-2x96
5
reference_url https://github.com/advisories/GHSA-fjm8-m7m6-2fjp
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://github.com/advisories/GHSA-fjm8-m7m6-2fjp
6
reference_url https://github.com/advisories/GHSA-phjr-8j92-w5v7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://github.com/advisories/GHSA-phjr-8j92-w5v7
7
reference_url https://github.com/containerd/containerd
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/containerd/containerd
8
reference_url https://github.com/containerd/containerd/commit/133f6bb6cd827ce35a5fb279c1ead12b9d21460a
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://github.com/containerd/containerd/commit/133f6bb6cd827ce35a5fb279c1ead12b9d21460a
9
reference_url https://github.com/containerd/containerd/releases/tag/v1.5.18
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://github.com/containerd/containerd/releases/tag/v1.5.18
10
reference_url https://github.com/containerd/containerd/releases/tag/v1.6.18
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://github.com/containerd/containerd/releases/tag/v1.6.18
11
reference_url https://github.com/containerd/containerd/security/advisories/GHSA-hmfx-3pcx-653p
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://github.com/containerd/containerd/security/advisories/GHSA-hmfx-3pcx-653p
12
reference_url https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-25173
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-25173
17
reference_url https://pkg.go.dev/vuln/GO-2023-1574
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2023-1574
18
reference_url https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2174485
reference_id 2174485
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2174485
20
reference_url https://security.gentoo.org/glsa/202408-01
reference_id GLSA-202408-01
reference_type
scores
url https://security.gentoo.org/glsa/202408-01
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/
reference_id LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/
22
reference_url https://access.redhat.com/errata/RHSA-2023:1326
reference_id RHSA-2023:1326
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1326
23
reference_url https://access.redhat.com/errata/RHSA-2023:1372
reference_id RHSA-2023:1372
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1372
24
reference_url https://access.redhat.com/errata/RHSA-2023:2107
reference_id RHSA-2023:2107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2107
25
reference_url https://access.redhat.com/errata/RHSA-2023:3450
reference_id RHSA-2023:3450
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3450
26
reference_url https://access.redhat.com/errata/RHSA-2023:3455
reference_id RHSA-2023:3455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3455
27
reference_url https://access.redhat.com/errata/RHSA-2023:3537
reference_id RHSA-2023:3537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3537
28
reference_url https://access.redhat.com/errata/RHSA-2023:4025
reference_id RHSA-2023:4025
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4025
29
reference_url https://access.redhat.com/errata/RHSA-2023:4226
reference_id RHSA-2023:4226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4226
30
reference_url https://access.redhat.com/errata/RHSA-2023:4488
reference_id RHSA-2023:4488
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4488
31
reference_url https://access.redhat.com/errata/RHSA-2023:4671
reference_id RHSA-2023:4671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4671
32
reference_url https://access.redhat.com/errata/RHSA-2023:5006
reference_id RHSA-2023:5006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5006
33
reference_url https://access.redhat.com/errata/RHSA-2023:5314
reference_id RHSA-2023:5314
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5314
34
reference_url https://access.redhat.com/errata/RHSA-2023:6473
reference_id RHSA-2023:6473
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6473
35
reference_url https://access.redhat.com/errata/RHSA-2023:6474
reference_id RHSA-2023:6474
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6474
36
reference_url https://access.redhat.com/errata/RHSA-2023:6817
reference_id RHSA-2023:6817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6817
37
reference_url https://access.redhat.com/errata/RHSA-2023:6939
reference_id RHSA-2023:6939
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6939
38
reference_url https://usn.ubuntu.com/6202-1/
reference_id USN-6202-1
reference_type
scores
url https://usn.ubuntu.com/6202-1/
39
reference_url https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
reference_id vulnerability-in-linux-containers-investigation-and-mitigation
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/
reference_id XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/
41
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/
reference_id ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:44Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/
Weaknesses
0
cwe_id 269
name Improper Privilege Management
description The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
1
cwe_id 863
name Incorrect Authorization
description The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
2
cwe_id 842
name Placement of User into Incorrect Group
description The product or the administrator places a user into an incorrect group.
Exploits
Severity_range_score4.0 - 7.3
Exploitability0.5
Weighted_severity6.6
Risk_score3.3
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-3brf-dmwm-qkgj