{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","type":"deb","namespace":"debian","name":"runc","version":"1.1.5+ds1-1+deb12u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.1.12+ds1-1","latest_non_vulnerable_version":"1.3.5+ds1-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25541?format=json","vulnerability_id":"VCID-9gr9-s1g1-t7au","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52881.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52881.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-52881","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03685","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-52881"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52881","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52881"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120140","reference_id":"1120140","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120140"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404715","reference_id":"2404715","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404715"},{"reference_url":"https://github.com/opencontainers/runc/commit/3f925525b44d247e390e529e772a0dc0c0bc3557","reference_id":"3f925525b44d247e390e529e772a0dc0c0bc3557","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/3f925525b44d247e390e529e772a0dc0c0bc3557"},{"reference_url":"https://github.com/opencontainers/runc/commit/435cc81be6b79cdec73b4002c0dae549b2f6ae6d","reference_id":"435cc81be6b79cdec73b4002c0dae549b2f6ae6d","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/435cc81be6b79cdec73b4002c0dae549b2f6ae6d"},{"reference_url":"https://github.com/opencontainers/runc/commit/44a0fcf685db051c80b8c269812bb177f5802c58","reference_id":"44a0fcf685db051c80b8c269812bb177f5802c58","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/44a0fcf685db051c80b8c269812bb177f5802c58"},{"reference_url":"https://github.com/opencontainers/runc/commit/4b37cd93f86e72feac866442988b549b5b7bf3e6","reference_id":"4b37cd93f86e72feac866442988b549b5b7bf3e6","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/4b37cd93f86e72feac866442988b549b5b7bf3e6"},{"reference_url":"https://github.com/opencontainers/runc/commit/6fc191449109ea14bb7d61238f24a33fe08c651f","reference_id":"6fc191449109ea14bb7d61238f24a33fe08c651f","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/6fc191449109ea14bb7d61238f24a33fe08c651f"},{"reference_url":"https://github.com/opencontainers/runc/commit/77889b56db939c323d29d1130f28f9aea2edb544","reference_id":"77889b56db939c323d29d1130f28f9aea2edb544","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/77889b56db939c323d29d1130f28f9aea2edb544"},{"reference_url":"https://github.com/opencontainers/runc/commit/77d217c7c3775d8ca5af89e477e81568ef4572db","reference_id":"77d217c7c3775d8ca5af89e477e81568ef4572db","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/77d217c7c3775d8ca5af89e477e81568ef4572db"},{"reference_url":"http://github.com/opencontainers/runc/commit/a41366e74080fa9f26a2cd3544e2801449697322","reference_id":"a41366e74080fa9f26a2cd3544e2801449697322","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"http://github.com/opencontainers/runc/commit/a41366e74080fa9f26a2cd3544e2801449697322"},{"reference_url":"https://github.com/opencontainers/runc/commit/b3dd1bc562ed9996d1a0f249e056c16624046d28","reference_id":"b3dd1bc562ed9996d1a0f249e056c16624046d28","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/b3dd1bc562ed9996d1a0f249e056c16624046d28"},{"reference_url":"https://github.com/opencontainers/runc/commit/d40b3439a9614a86e87b81a94c6811ec6fa2d7d2","reference_id":"d40b3439a9614a86e87b81a94c6811ec6fa2d7d2","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/d40b3439a9614a86e87b81a94c6811ec6fa2d7d2"},{"reference_url":"https://github.com/opencontainers/runc/commit/d61fd29d854b416feaaf128bf650325cd2182165","reference_id":"d61fd29d854b416feaaf128bf650325cd2182165","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/d61fd29d854b416feaaf128bf650325cd2182165"},{"reference_url":"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64","reference_id":"db19bbed5348847da433faa9d69e9f90192bfa64","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64"},{"reference_url":"https://github.com/opencontainers/runc/commit/ed6b1693b8b3ae7eb0250a7e76fc888cdacf98c1","reference_id":"ed6b1693b8b3ae7eb0250a7e76fc888cdacf98c1","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/ed6b1693b8b3ae7eb0250a7e76fc888cdacf98c1"},{"reference_url":"http://github.com/opencontainers/runc/commit/fdcc9d3cad2f85954a241ccb910a61aaa1ef47f3","reference_id":"fdcc9d3cad2f85954a241ccb910a61aaa1ef47f3","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"http://github.com/opencontainers/runc/commit/fdcc9d3cad2f85954a241ccb910a61aaa1ef47f3"},{"reference_url":"https://github.com/opencontainers/runc/commit/ff6fe1324663538167eca8b3d3eec61e1bd4fa51","reference_id":"ff6fe1324663538167eca8b3d3eec61e1bd4fa51","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/ff6fe1324663538167eca8b3d3eec61e1bd4fa51"},{"reference_url":"https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480","reference_id":"ff94f9991bd32076c871ef0ad8bc1b763458e480","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2","reference_id":"GHSA-9493-h29p-rfm2","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm","reference_id":"GHSA-cgrx-mc8f-2prm","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r","reference_id":"GHSA-qw9x-cqr3-wc7r","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"},{"reference_url":"https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md","reference_id":"RELEASES.md","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19927","reference_id":"RHSA-2025:19927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20957","reference_id":"RHSA-2025:20957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21220","reference_id":"RHSA-2025:21220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21232","reference_id":"RHSA-2025:21232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21633","reference_id":"RHSA-2025:21633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21634","reference_id":"RHSA-2025:21634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21702","reference_id":"RHSA-2025:21702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21795","reference_id":"RHSA-2025:21795","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21795"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21824","reference_id":"RHSA-2025:21824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22011","reference_id":"RHSA-2025:22011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22012","reference_id":"RHSA-2025:22012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22030","reference_id":"RHSA-2025:22030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22275","reference_id":"RHSA-2025:22275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23113","reference_id":"RHSA-2025:23113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23347","reference_id":"RHSA-2025:23347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23543","reference_id":"RHSA-2025:23543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0050","reference_id":"RHSA-2026:0050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0315","reference_id":"RHSA-2026:0315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0316","reference_id":"RHSA-2026:0316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0331","reference_id":"RHSA-2026:0331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0418","reference_id":"RHSA-2026:0418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0424","reference_id":"RHSA-2026:0424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0425","reference_id":"RHSA-2026:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0426","reference_id":"RHSA-2026:0426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0676","reference_id":"RHSA-2026:0676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0701","reference_id":"RHSA-2026:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0995","reference_id":"RHSA-2026:0995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10703","reference_id":"RHSA-2026:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1540","reference_id":"RHSA-2026:1540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1730","reference_id":"RHSA-2026:1730","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19244","reference_id":"RHSA-2026:19244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1942","reference_id":"RHSA-2026:1942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2034","reference_id":"RHSA-2026:2034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2106","reference_id":"RHSA-2026:2106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2343","reference_id":"RHSA-2026:2343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2456","reference_id":"RHSA-2026:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2681","reference_id":"RHSA-2026:2681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2695","reference_id":"RHSA-2026:2695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2754","reference_id":"RHSA-2026:2754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2762","reference_id":"RHSA-2026:2762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2762"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2900","reference_id":"RHSA-2026:2900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2951","reference_id":"RHSA-2026:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2975","reference_id":"RHSA-2026:2975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3391","reference_id":"RHSA-2026:3391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3416","reference_id":"RHSA-2026:3416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3416"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3713","reference_id":"RHSA-2026:3713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4185","reference_id":"RHSA-2026:4185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4215","reference_id":"RHSA-2026:4215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4531","reference_id":"RHSA-2026:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4532","reference_id":"RHSA-2026:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4533","reference_id":"RHSA-2026:4533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4693","reference_id":"RHSA-2026:4693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8325","reference_id":"RHSA-2026:8325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8433","reference_id":"RHSA-2026:8433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8433"},{"reference_url":"https://usn.ubuntu.com/7851-1/","reference_id":"USN-7851-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7851-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102943?format=json","purl":"pkg:deb/debian/runc@1.3.3%2Bds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.3%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2025-52881"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9gr9-s1g1-t7au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25528?format=json","vulnerability_id":"VCID-h7hq-w8sq-q7bt","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52565.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52565.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-52565","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07663","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-52565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52565"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/opencontainers/runc/commit/01de9d65dc72f67b256ef03f9bfb795a2bf143b4","reference_id":"01de9d65dc72f67b256ef03f9bfb795a2bf143b4","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T21:32:07Z/"}],"url":"https://github.com/opencontainers/runc/commit/01de9d65dc72f67b256ef03f9bfb795a2bf143b4"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120140","reference_id":"1120140","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120140"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404708","reference_id":"2404708","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404708"},{"reference_url":"https://github.com/opencontainers/runc/commit/398955bccb7f20565c224a3064d331c19e422398","reference_id":"398955bccb7f20565c224a3064d331c19e422398","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T21:32:07Z/"}],"url":"https://github.com/opencontainers/runc/commit/398955bccb7f20565c224a3064d331c19e422398"},{"reference_url":"https://github.com/opencontainers/runc/commit/531ef794e4ecd628006a865ad334a048ee2b4b2e","reference_id":"531ef794e4ecd628006a865ad334a048ee2b4b2e","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T21:32:07Z/"}],"url":"https://github.com/opencontainers/runc/commit/531ef794e4ecd628006a865ad334a048ee2b4b2e"},{"reference_url":"https://github.com/opencontainers/runc/commit/9be1dbf4ac67d9840a043ebd2df5c68f36705d1d","reference_id":"9be1dbf4ac67d9840a043ebd2df5c68f36705d1d","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T21:32:07Z/"}],"url":"https://github.com/opencontainers/runc/commit/9be1dbf4ac67d9840a043ebd2df5c68f36705d1d"},{"reference_url":"https://github.com/opencontainers/runc/commit/aee7d3fe355dd02939d44155e308ea0052e0d53a","reference_id":"aee7d3fe355dd02939d44155e308ea0052e0d53a","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T21:32:07Z/"}],"url":"https://github.com/opencontainers/runc/commit/aee7d3fe355dd02939d44155e308ea0052e0d53a"},{"reference_url":"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64","reference_id":"db19bbed5348847da433faa9d69e9f90192bfa64","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T21:32:07Z/"}],"url":"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64"},{"reference_url":"https://github.com/opencontainers/runc/commit/de87203e625cd7a27141fb5f2ad00a320c69c5e8","reference_id":"de87203e625cd7a27141fb5f2ad00a320c69c5e8","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T21:32:07Z/"}],"url":"https://github.com/opencontainers/runc/commit/de87203e625cd7a27141fb5f2ad00a320c69c5e8"},{"reference_url":"https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480","reference_id":"ff94f9991bd32076c871ef0ad8bc1b763458e480","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T21:32:07Z/"}],"url":"https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r","reference_id":"GHSA-qw9x-cqr3-wc7r","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T21:32:07Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19927","reference_id":"RHSA-2025:19927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20957","reference_id":"RHSA-2025:20957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21232","reference_id":"RHSA-2025:21232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21795","reference_id":"RHSA-2025:21795","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21795"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21824","reference_id":"RHSA-2025:21824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22275","reference_id":"RHSA-2025:22275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23078","reference_id":"RHSA-2025:23078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23079","reference_id":"RHSA-2025:23079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23080","reference_id":"RHSA-2025:23080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23113","reference_id":"RHSA-2025:23113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23202","reference_id":"RHSA-2025:23202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23204","reference_id":"RHSA-2025:23204","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23205","reference_id":"RHSA-2025:23205","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23209","reference_id":"RHSA-2025:23209","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23209"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23449","reference_id":"RHSA-2025:23449","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23449"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0315","reference_id":"RHSA-2026:0315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0331","reference_id":"RHSA-2026:0331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0418","reference_id":"RHSA-2026:0418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0425","reference_id":"RHSA-2026:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0676","reference_id":"RHSA-2026:0676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0701","reference_id":"RHSA-2026:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0995","reference_id":"RHSA-2026:0995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10703","reference_id":"RHSA-2026:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1540","reference_id":"RHSA-2026:1540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3461","reference_id":"RHSA-2026:3461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3462","reference_id":"RHSA-2026:3462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4531","reference_id":"RHSA-2026:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4693","reference_id":"RHSA-2026:4693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6492","reference_id":"RHSA-2026:6492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8325","reference_id":"RHSA-2026:8325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8325"},{"reference_url":"https://usn.ubuntu.com/7851-1/","reference_id":"USN-7851-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7851-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102943?format=json","purl":"pkg:deb/debian/runc@1.3.3%2Bds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.3%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2025-52565"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h7hq-w8sq-q7bt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23476?format=json","vulnerability_id":"VCID-prvp-wmj3-sfaw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31133.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-31133.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-31133","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06075","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-31133"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31133","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-31133"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120140","reference_id":"1120140","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120140"},{"reference_url":"https://github.com/opencontainers/runc/commit/1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522","reference_id":"1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T19:03:45Z/"}],"url":"https://github.com/opencontainers/runc/commit/1a30a8f3d921acbbb6a4bb7e99da2c05f8d48522"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404705","reference_id":"2404705","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404705"},{"reference_url":"https://github.com/opencontainers/runc/commit/5d7b2424072449872d1cd0c937f2ca25f418eb66","reference_id":"5d7b2424072449872d1cd0c937f2ca25f418eb66","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T19:03:45Z/"}],"url":"https://github.com/opencontainers/runc/commit/5d7b2424072449872d1cd0c937f2ca25f418eb66"},{"reference_url":"https://github.com/opencontainers/runc/commit/8476df83b534a2522b878c0507b3491def48db9f","reference_id":"8476df83b534a2522b878c0507b3491def48db9f","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T19:03:45Z/"}],"url":"https://github.com/opencontainers/runc/commit/8476df83b534a2522b878c0507b3491def48db9f"},{"reference_url":"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64","reference_id":"db19bbed5348847da433faa9d69e9f90192bfa64","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T19:03:45Z/"}],"url":"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2","reference_id":"GHSA-9493-h29p-rfm2","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T19:03:45Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19927","reference_id":"RHSA-2025:19927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20957","reference_id":"RHSA-2025:20957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21232","reference_id":"RHSA-2025:21232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21795","reference_id":"RHSA-2025:21795","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21795"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21824","reference_id":"RHSA-2025:21824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22275","reference_id":"RHSA-2025:22275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23113","reference_id":"RHSA-2025:23113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0315","reference_id":"RHSA-2026:0315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0331","reference_id":"RHSA-2026:0331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0418","reference_id":"RHSA-2026:0418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0425","reference_id":"RHSA-2026:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0676","reference_id":"RHSA-2026:0676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0701","reference_id":"RHSA-2026:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0995","reference_id":"RHSA-2026:0995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10703","reference_id":"RHSA-2026:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1540","reference_id":"RHSA-2026:1540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2681","reference_id":"RHSA-2026:2681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4531","reference_id":"RHSA-2026:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4693","reference_id":"RHSA-2026:4693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6492","reference_id":"RHSA-2026:6492","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8325","reference_id":"RHSA-2026:8325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8325"},{"reference_url":"https://usn.ubuntu.com/7851-1/","reference_id":"USN-7851-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7851-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102943?format=json","purl":"pkg:deb/debian/runc@1.3.3%2Bds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.3%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2025-31133"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-prvp-wmj3-sfaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20515?format=json","vulnerability_id":"VCID-wv7w-9wmg-mugx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45310.json","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45310.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45310","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35288","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45310"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082865","reference_id":"1082865","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082865"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309336","reference_id":"2309336","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2309336"},{"reference_url":"https://github.com/opencontainers/runc/pull/4359","reference_id":"4359","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:03:49Z/"}],"url":"https://github.com/opencontainers/runc/pull/4359"},{"reference_url":"https://github.com/opencontainers/runc/commit/63c2908164f3a1daea455bf5bcd8d363d70328c7","reference_id":"63c2908164f3a1daea455bf5bcd8d363d70328c7","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:03:49Z/"}],"url":"https://github.com/opencontainers/runc/commit/63c2908164f3a1daea455bf5bcd8d363d70328c7"},{"reference_url":"https://github.com/opencontainers/runc/commit/8781993968fd964ac723ff5f360b6f259e809a3e","reference_id":"8781993968fd964ac723ff5f360b6f259e809a3e","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:03:49Z/"}],"url":"https://github.com/opencontainers/runc/commit/8781993968fd964ac723ff5f360b6f259e809a3e"},{"reference_url":"https://github.com/opencontainers/runc/commit/f0b652ea61ff6750a8fcc69865d45a7abf37accf","reference_id":"f0b652ea61ff6750a8fcc69865d45a7abf37accf","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:03:49Z/"}],"url":"https://github.com/opencontainers/runc/commit/f0b652ea61ff6750a8fcc69865d45a7abf37accf"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-jfvp-7x6p-h2pv","reference_id":"GHSA-jfvp-7x6p-h2pv","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-03T20:03:49Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-jfvp-7x6p-h2pv"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3406","reference_id":"RHSA-2026:3406","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3406"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102942?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2024-45310"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wv7w-9wmg-mugx"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/154726?format=json","vulnerability_id":"VCID-1mgk-fjbx-nbbr","summary":"runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the `C` portion of the code (responsible for the based namespace setup of containers). In all versions of runc prior to 1.0.3, the encoder did not handle the possibility of an integer overflow in the 16-bit length field for the byte array attribute type, meaning that a large enough malicious byte array attribute could result in the length overflowing and the attribute contents being parsed as netlink messages for container configuration. This vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces. The main users impacted are those who allow untrusted images with untrusted configurations to run on their machines (such as with shared cloud infrastructure). runc version 1.0.3 contains a fix for this bug. As a workaround, one may try disallowing untrusted namespace paths from your container. It should be noted that untrusted namespace paths would allow the attacker to disable namespace protections entirely even in the absence of this bug.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43784.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43784","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31394","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43784"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2029439","reference_id":"2029439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2029439"},{"reference_url":"https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554","reference_id":"9c444070ec7bb83995dbc0185da68284da71c554","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554"},{"reference_url":"https://security.archlinux.org/AVG-2599","reference_id":"AVG-2599","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2599"},{"reference_url":"https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae","reference_id":"d72d057ba794164c3cce9451a00b72a78b25e1ae","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=2241","reference_id":"detail?id=2241","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=2241"},{"reference_url":"https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed","reference_id":"f50369af4b571e358f20b139eea52d612eb55eed","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f","reference_id":"GHSA-v95c-p5hm-xq8f","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html","reference_id":"msg00005.html","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html","reference_id":"msg00005.html","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6380","reference_id":"RHSA-2023:6380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6380"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102936?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102935?format=json","purl":"pkg:deb/debian/runc@1.0.3%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.3%252Bds1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2021-43784"],"risk_score":2.7,"exploitability":"0.5","weighted_severity":"5.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mgk-fjbx-nbbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178210?format=json","vulnerability_id":"VCID-4vee-q5sz-gybz","summary":"Multiple vulnerabilities have been discovered in runC, the worst of\n    which may lead to privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19921.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19921.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19921","reference_id":"","reference_type":"","scores":[{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40953","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19921"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19921","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19921"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796107","reference_id":"1796107","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1796107"},{"reference_url":"https://security.gentoo.org/glsa/202003-21","reference_id":"GLSA-202003-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0688","reference_id":"RHSA-2020:0688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0695","reference_id":"RHSA-2020:0695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0942","reference_id":"RHSA-2020:0942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1485","reference_id":"RHSA-2020:1485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1650","reference_id":"RHSA-2020:1650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1650"},{"reference_url":"https://usn.ubuntu.com/4297-1/","reference_id":"USN-4297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4297-1/"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102932?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc10%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc10%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-19921"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4vee-q5sz-gybz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2251?format=json","vulnerability_id":"VCID-81dv-8gwj-quax","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9962.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9962.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9962","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23166","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9962"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9962","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9962"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1409531","reference_id":"1409531","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1409531"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850951","reference_id":"850951","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850951"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850952","reference_id":"850952","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850952"},{"reference_url":"https://security.archlinux.org/ASA-201701-19","reference_id":"ASA-201701-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-19"},{"reference_url":"https://security.archlinux.org/ASA-201805-11","reference_id":"ASA-201805-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-11"},{"reference_url":"https://security.archlinux.org/AVG-133","reference_id":"AVG-133","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-133"},{"reference_url":"https://security.archlinux.org/AVG-134","reference_id":"AVG-134","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-134"},{"reference_url":"https://security.gentoo.org/glsa/201701-34","reference_id":"GLSA-201701-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0116","reference_id":"RHSA-2017:0116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0116"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0123","reference_id":"RHSA-2017:0123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0127","reference_id":"RHSA-2017:0127","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0127"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102930?format=json","purl":"pkg:deb/debian/runc@0.1.1%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@0.1.1%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9962"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81dv-8gwj-quax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9415?format=json","vulnerability_id":"VCID-8uq2-axdd-a7au","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30465.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-30465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30465","reference_id":"","reference_type":"","scores":[{"value":"0.01473","scoring_system":"epss","scoring_elements":"0.81361","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-30465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954736","reference_id":"1954736","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954736"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988768","reference_id":"988768","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988768"},{"reference_url":"https://security.archlinux.org/ASA-202105-17","reference_id":"ASA-202105-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202105-17"},{"reference_url":"https://security.archlinux.org/AVG-1972","reference_id":"AVG-1972","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1972"},{"reference_url":"https://security.gentoo.org/glsa/202107-26","reference_id":"GLSA-202107-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202107-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1562","reference_id":"RHSA-2021:1562","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1562"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1566","reference_id":"RHSA-2021:1566","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1566"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2057","reference_id":"RHSA-2021:2057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2144","reference_id":"RHSA-2021:2144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2145","reference_id":"RHSA-2021:2145","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2145"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2150","reference_id":"RHSA-2021:2150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2291","reference_id":"RHSA-2021:2291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2292","reference_id":"RHSA-2021:2292","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2292"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2370","reference_id":"RHSA-2021:2370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2371","reference_id":"RHSA-2021:2371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2371"},{"reference_url":"https://usn.ubuntu.com/4960-1/","reference_id":"USN-4960-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4960-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4867-1/","reference_id":"USN-USN-4867-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4867-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102934?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2021-30465"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8uq2-axdd-a7au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6546?format=json","vulnerability_id":"VCID-9mc4-e9wu-13de","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16884.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16884.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16884","reference_id":"","reference_type":"","scores":[{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55463","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16884"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16884","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16884"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1757214","reference_id":"1757214","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1757214"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942026","reference_id":"942026","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942026"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942027","reference_id":"942027","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942027"},{"reference_url":"https://security.gentoo.org/glsa/202003-21","reference_id":"GLSA-202003-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3940","reference_id":"RHSA-2019:3940","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3940"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4074","reference_id":"RHSA-2019:4074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4074"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4269","reference_id":"RHSA-2019:4269","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4269"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1234","reference_id":"RHSA-2020:1234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1234"},{"reference_url":"https://usn.ubuntu.com/4297-1/","reference_id":"USN-4297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4297-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4867-1/","reference_id":"USN-USN-4867-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4867-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102931?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc9%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc9%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-16884"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9mc4-e9wu-13de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7126?format=json","vulnerability_id":"VCID-av2x-1tvz-cbaf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5736.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5736.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5736","reference_id":"","reference_type":"","scores":[{"value":"0.59178","scoring_system":"epss","scoring_elements":"0.98271","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-5736"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5736"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1664908","reference_id":"1664908","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1664908"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922050","reference_id":"922050","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922050"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922169","reference_id":"922169","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922169"},{"reference_url":"https://security.archlinux.org/ASA-201902-20","reference_id":"ASA-201902-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-20"},{"reference_url":"https://security.archlinux.org/ASA-201902-6","reference_id":"ASA-201902-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201902-6"},{"reference_url":"https://security.archlinux.org/AVG-878","reference_id":"AVG-878","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-878"},{"reference_url":"https://security.archlinux.org/AVG-880","reference_id":"AVG-880","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-880"},{"reference_url":"https://security.archlinux.org/AVG-892","reference_id":"AVG-892","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-892"},{"reference_url":"https://security.archlinux.org/AVG-893","reference_id":"AVG-893","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-893"},{"reference_url":"https://security.archlinux.org/AVG-895","reference_id":"AVG-895","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-895"},{"reference_url":"https://security.gentoo.org/glsa/202003-21","reference_id":"GLSA-202003-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0303","reference_id":"RHSA-2019:0303","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0304","reference_id":"RHSA-2019:0304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0401","reference_id":"RHSA-2019:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0401"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0408","reference_id":"RHSA-2019:0408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0975","reference_id":"RHSA-2019:0975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0975"},{"reference_url":"https://usn.ubuntu.com/4048-1/","reference_id":"USN-4048-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4048-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102933?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc6%2Bdfsg1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc6%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2019-5736"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-av2x-1tvz-cbaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212504?format=json","vulnerability_id":"VCID-bbhp-gr2v-c3gm","summary":"Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8867.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8867.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8867","reference_id":"","reference_type":"","scores":[{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60756","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8867"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1390163","reference_id":"1390163","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1390163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2653","reference_id":"RHSA-2020:2653","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2653"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102929?format=json","purl":"pkg:deb/debian/runc@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-8867"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bbhp-gr2v-c3gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15342?format=json","vulnerability_id":"VCID-bvcn-drus-kkds","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28642.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28642.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28642","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01858","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182883","reference_id":"2182883","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182883"},{"reference_url":"https://github.com/opencontainers/runc/pull/3785","reference_id":"3785","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:47Z/"}],"url":"https://github.com/opencontainers/runc/pull/3785"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c","reference_id":"GHSA-g2j6-57v7-gm8c","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:47Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1326","reference_id":"RHSA-2023:1326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6380","reference_id":"RHSA-2023:6380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0564","reference_id":"RHSA-2024:0564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0564"},{"reference_url":"https://usn.ubuntu.com/6088-1/","reference_id":"USN-6088-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-1/"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102939?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2023-28642"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvcn-drus-kkds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/1202?format=json","vulnerability_id":"VCID-p1kp-wrq2-13cd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3697.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3697.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3697","reference_id":"","reference_type":"","scores":[{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.2131","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3697"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3697"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1329450","reference_id":"1329450","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1329450"},{"reference_url":"https://security.gentoo.org/glsa/201612-28","reference_id":"GLSA-201612-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1034","reference_id":"RHSA-2016:1034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2634","reference_id":"RHSA-2016:2634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2634"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102925?format=json","purl":"pkg:deb/debian/runc@0.1.0%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@0.1.0%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-3697"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p1kp-wrq2-13cd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15302?format=json","vulnerability_id":"VCID-udxc-qvdm-2kaf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27561.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27561.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27561","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34831","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-27561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033520","reference_id":"1033520","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033520"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2175721","reference_id":"2175721","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2175721"},{"reference_url":"https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334","reference_id":"2197#issuecomment-1437617334","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334"},{"reference_url":"https://github.com/opencontainers/runc/issues/3751","reference_id":"3751","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://github.com/opencontainers/runc/issues/3751"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/","reference_id":"ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/"},{"reference_url":"https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9","reference_id":"c937820b688922eb127fb760ce06dab9","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/","reference_id":"DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/","reference_id":"FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/","reference_id":"FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/","reference_id":"I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1326","reference_id":"RHSA-2023:1326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3612","reference_id":"RHSA-2023:3612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5006","reference_id":"RHSA-2023:5006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6380","reference_id":"RHSA-2023:6380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://usn.ubuntu.com/6088-1/","reference_id":"USN-6088-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-1/"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102939?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2023-27561"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-udxc-qvdm-2kaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11845?format=json","vulnerability_id":"VCID-w7ey-cfyu-zkc9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29162.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29162.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29162","reference_id":"","reference_type":"","scores":[{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31519","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29162"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2086398","reference_id":"2086398","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2086398"},{"reference_url":"https://security.archlinux.org/AVG-2707","reference_id":"AVG-2707","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2707"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/","reference_id":"AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/"},{"reference_url":"https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5","reference_id":"d04de3a9b72d7a2455c1885fc75eb36d02cd17b5","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/","reference_id":"D77CKD3AXPMU4PMQIQI5Q74SI4JATNND","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66","reference_id":"GHSA-f3fp-gc8g-vw66","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/","reference_id":"GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html","reference_id":"msg00023.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5068","reference_id":"RHSA-2022:5068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7457","reference_id":"RHSA-2022:7457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7457"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7469","reference_id":"RHSA-2022:7469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8090","reference_id":"RHSA-2022:8090","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8090"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"},{"reference_url":"https://github.com/opencontainers/runc/releases/tag/v1.1.2","reference_id":"v1.1.2","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T14:07:31Z/"}],"url":"https://github.com/opencontainers/runc/releases/tag/v1.1.2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102938?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102937?format=json","purl":"pkg:deb/debian/runc@1.1.3%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.3%252Bds1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2022-29162"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7ey-cfyu-zkc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15234?format=json","vulnerability_id":"VCID-w7nv-5nq4-huce","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25809.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25809","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11281","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17","reference_id":"0d62b950e60f6980b54fe3bafd9a9c608dc1df17","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:19Z/"}],"url":"https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182884","reference_id":"2182884","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182884"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc","reference_id":"GHSA-m8cg-xc2p-r3fc","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:19Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1326","reference_id":"RHSA-2023:1326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6380","reference_id":"RHSA-2023:6380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://usn.ubuntu.com/6088-1/","reference_id":"USN-6088-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-1/"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102936?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102939?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25809"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7nv-5nq4-huce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18185?format=json","vulnerability_id":"VCID-x1tp-vr56-y7ey","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21626.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21626.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21626","reference_id":"","reference_type":"","scores":[{"value":"0.04711","scoring_system":"epss","scoring_elements":"0.89612","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21626"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf","reference_id":"02120488a4c0fc487d1ed2867e901eeed7ce8ecf","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/01/1","reference_id":"1","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/01/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062532","reference_id":"1062532","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1062532"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258725","reference_id":"2258725","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2258725"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/","reference_id":"2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/02/02/3","reference_id":"3","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/02/02/3"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv","reference_id":"GHSA-xr7r-f8xq-vfvv","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html","reference_id":"msg00005.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0645","reference_id":"RHSA-2024:0645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0662","reference_id":"RHSA-2024:0662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0666","reference_id":"RHSA-2024:0666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0670","reference_id":"RHSA-2024:0670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0684","reference_id":"RHSA-2024:0684","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0684"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0717","reference_id":"RHSA-2024:0717","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0717"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0748","reference_id":"RHSA-2024:0748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0748"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0752","reference_id":"RHSA-2024:0752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0755","reference_id":"RHSA-2024:0755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0756","reference_id":"RHSA-2024:0756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0756"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0757","reference_id":"RHSA-2024:0757","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0757"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0758","reference_id":"RHSA-2024:0758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0758"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0759","reference_id":"RHSA-2024:0759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0760","reference_id":"RHSA-2024:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0760"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0764","reference_id":"RHSA-2024:0764","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0764"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10149","reference_id":"RHSA-2024:10149","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10149"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10520","reference_id":"RHSA-2024:10520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10525","reference_id":"RHSA-2024:10525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10841","reference_id":"RHSA-2024:10841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1270","reference_id":"RHSA-2024:1270","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1270"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4597","reference_id":"RHSA-2024:4597","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0115","reference_id":"RHSA-2025:0115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0650","reference_id":"RHSA-2025:0650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1711","reference_id":"RHSA-2025:1711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2441","reference_id":"RHSA-2025:2441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2441"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2701","reference_id":"RHSA-2025:2701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2710","reference_id":"RHSA-2025:2710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:2710"},{"reference_url":"http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html","reference_id":"runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/","reference_id":"SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/"},{"reference_url":"https://usn.ubuntu.com/6619-1/","reference_id":"USN-6619-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6619-1/"},{"reference_url":"https://github.com/opencontainers/runc/releases/tag/v1.1.12","reference_id":"v1.1.12","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T04:01:01Z/"}],"url":"https://github.com/opencontainers/runc/releases/tag/v1.1.12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102940?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102926?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102924?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"},{"vulnerability":"VCID-wv7w-9wmg-mugx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102941?format=json","purl":"pkg:deb/debian/runc@1.1.12%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.12%252Bds1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102928?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9gr9-s1g1-t7au"},{"vulnerability":"VCID-h7hq-w8sq-q7bt"},{"vulnerability":"VCID-prvp-wmj3-sfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102927?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"}],"aliases":["CVE-2024-21626"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x1tp-vr56-y7ey"}],"risk_score":"3.8","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"}