Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-d42a-4prp-m7hb

Summary

Unprivileged pod using `hostPath` can side-step active LSM when it is SELinux
### Impact

Containers launched through containerd’s CRI implementation on Linux systems which use the SELinux security module and containerd versions since v1.5.0 can cause arbitrary files and directories on the host to be relabeled to match the container process label through the use of specially-configured bind mounts in a hostPath volume. This relabeling elevates permissions for the container, granting full read/write access over the affected files and directories. Kubernetes and crictl can both be configured to use containerd’s CRI implementation.

If you are not using containerd’s CRI implementation (through one of the mechanisms described above), you are not affected by this issue.

### Patches

This bug has been fixed in containerd 1.5.9.  Because file labels persist independently of containerd, users should both update to these versions as soon as they are released and validate that all files on their host are correctly labeled.

### Workarounds

Ensure that no sensitive files or directories are used as a hostPath volume source location.  Policy enforcement mechanisms such a Kubernetes Pod Security Policy [AllowedHostPaths](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#volumes-and-file-systems) may be specified to limit the files and directories that can be bind-mounted to containers.

### For more information

If you have any questions or comments about this advisory:

* Open an issue in [containerd](https://github.com/containerd/containerd/issues/new/choose)
* Email us at [security@containerd.io](mailto:security@containerd.io)

Aliases

alias	CVE-2021-43816

alias	GHSA-mvff-h3cj-wj9c

Fixed_packages

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=aarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=edge&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=s390x&distroversion=edge&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86&distroversion=edge&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86_64&distroversion=edge&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.15&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.15&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=aarch64&distroversion=v3.15&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.15&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.15&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armv7&distroversion=v3.15&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.15&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.15&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86_64&distroversion=v3.15&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armhf&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armv7&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=ppc64le&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=s390x&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armhf&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86_64&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armhf&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armv7&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.15&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.15&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=ppc64le&distroversion=v3.15&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=riscv64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=aarch64&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armhf&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armv7&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=ppc64le&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=s390x&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.17&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.17&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86&distroversion=v3.17&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=aarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armhf&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=s390x&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86_64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=aarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=loongarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=loongarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=s390x&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=riscv64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86_64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=edge&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armhf&distroversion=edge&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=edge&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armv7&distroversion=edge&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=edge&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=ppc64le&distroversion=edge&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=riscv64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=riscv64&distroversion=edge&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.15&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.15&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armhf&distroversion=v3.15&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.15&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.15&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=s390x&distroversion=v3.15&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.15&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.15&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86&distroversion=v3.15&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=aarch64&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armv7&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86_64&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=aarch64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armhf&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armv7&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=s390x&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=aarch64&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armhf&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armv7&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=ppc64le&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86_64&distroversion=v3.16&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=aarch64&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armhf&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armhf&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86_64&distroversion=v3.18&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armv7&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=armv7&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86_64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=loongarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=loongarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=s390x&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.19&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86&distroversion=v3.19&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86&distroversion=v3.19&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=x86_64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=x86_64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.16&reponame=community
purl	pkg:apk/alpine/containerd@1.5.9-r0?arch=s390x&distroversion=v3.16&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/containerd@1.5.9-r0%3Farch=s390x&distroversion=v3.16&reponame=community

url	pkg:deb/debian/containerd@0?distro=trixie
purl	pkg:deb/debian/containerd@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@0%3Fdistro=trixie

url	pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u4?distro=trixie
purl	pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@1.4.13~ds1-1~deb11u4%3Fdistro=trixie

url	pkg:deb/debian/containerd@1.5.9~ds1-1?distro=trixie
purl	pkg:deb/debian/containerd@1.5.9~ds1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@1.5.9~ds1-1%3Fdistro=trixie

url pkg:deb/debian/containerd@1.6.20~ds1-1%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/containerd@1.6.20~ds1-1%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-xd4a-qav4-uqd1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@1.6.20~ds1-1%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/containerd@1.7.24~ds1-6%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/containerd@1.7.24~ds1-6%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@1.7.24~ds1-6%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/containerd@2.1.4~ds2-8?distro=trixie
purl	pkg:deb/debian/containerd@2.1.4~ds2-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@2.1.4~ds2-8%3Fdistro=trixie

url	pkg:deb/debian/containerd@2.1.6%2Bds1-1?distro=trixie
purl	pkg:deb/debian/containerd@2.1.6%2Bds1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/containerd@2.1.6%252Bds1-1%3Fdistro=trixie

url	pkg:golang/github.com/containerd/containerd@1.5.9
purl	pkg:golang/github.com/containerd/containerd@1.5.9
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:golang/github.com/containerd/containerd@1.5.9

Affected_packages

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43816.json

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43816.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43816

reference_id

reference_type

scores

value	0.00147
scoring_system	epss
scoring_elements	0.35064
published_at	2026-04-21T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35112
published_at	2026-04-18T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35126
published_at	2026-04-16T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35088
published_at	2026-04-13T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35113
published_at	2026-04-12T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35164
published_at	2026-04-02T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.34964
published_at	2026-04-01T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35116
published_at	2026-04-08T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35072
published_at	2026-04-07T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35193
published_at	2026-04-04T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35147
published_at	2026-04-11T12:55:00Z

value	0.00147
scoring_system	epss
scoring_elements	0.35142
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43816

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/containerd/containerd

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/containerd/containerd

reference_url

https://github.com/containerd/containerd/commit/a731039238c62be081eb8c31525b988415745eea

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:32Z/

url

https://github.com/containerd/containerd/commit/a731039238c62be081eb8c31525b988415745eea

reference_url

https://github.com/containerd/containerd/issues/6194

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:32Z/

url

https://github.com/containerd/containerd/issues/6194

reference_url

https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:32Z/

url

https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c

reference_url

https://github.com/dweomer/containerd/commit/f7f08f0e34fb97392b0d382e58916d6865100299

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:32Z/

url

https://github.com/dweomer/containerd/commit/f7f08f0e34fb97392b0d382e58916d6865100299

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD5GH7NMK5VJMA2Y5CYB5O5GTPYMWMLX

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD5GH7NMK5VJMA2Y5CYB5O5GTPYMWMLX

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPDIZMI7ZPERSZE2XO265UCK5IWM7CID

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPDIZMI7ZPERSZE2XO265UCK5IWM7CID

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-43816

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-43816

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2044434
reference_id	2044434
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2044434

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GD5GH7NMK5VJMA2Y5CYB5O5GTPYMWMLX/

reference_id

GD5GH7NMK5VJMA2Y5CYB5O5GTPYMWMLX

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:32Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GD5GH7NMK5VJMA2Y5CYB5O5GTPYMWMLX/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MPDIZMI7ZPERSZE2XO265UCK5IWM7CID/

reference_id

MPDIZMI7ZPERSZE2XO265UCK5IWM7CID

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:45:32Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MPDIZMI7ZPERSZE2XO265UCK5IWM7CID/

Weaknesses

cwe_id	281
name	Improper Preservation of Permissions
description	The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d42a-4prp-m7hb

Vulnerability Instance