{"url":"http://public2.vulnerablecode.io/api/packages/393843?format=json","purl":"pkg:apk/alpine/net-snmp@5.9.3-r0?arch=s390x&distroversion=edge&reponame=main","type":"apk","namespace":"alpine","name":"net-snmp","version":"5.9.3-r0","qualifiers":{"arch":"s390x","distroversion":"edge","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"5.9.3-r2","latest_non_vulnerable_version":"5.9.5.2-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94553?format=json","vulnerability_id":"VCID-4b47-4p5x-47ab","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of             `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24805.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24805.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24805","reference_id":"","reference_type":"","scores":[{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52598","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52643","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52658","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52665","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52647","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.5262","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2103225","reference_id":"2103225","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2103225"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_id":"67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105238","reference_id":"show_bug.cgi?id=2105238","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105238"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/393843?format=json","purl":"pkg:apk/alpine/net-snmp@5.9.3-r0?arch=s390x&distroversion=edge&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/net-snmp@5.9.3-r0%3Farch=s390x&distroversion=edge&reponame=main"}],"aliases":["CVE-2022-24805"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4b47-4p5x-47ab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94561?format=json","vulnerability_id":"VCID-4qmk-t8qs-kkbp","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a `GET-NEXT` to the `nsVacmAccessTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24809.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24809","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33068","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33134","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33171","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33185","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33146","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33114","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104766","reference_id":"2104766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104766"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105242","reference_id":"show_bug.cgi?id=2105242","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105242"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/393843?format=json","purl":"pkg:apk/alpine/net-snmp@5.9.3-r0?arch=s390x&distroversion=edge&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/net-snmp@5.9.3-r0%3Farch=s390x&distroversion=edge&reponame=main"}],"aliases":["CVE-2022-24809"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4qmk-t8qs-kkbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94554?format=json","vulnerability_id":"VCID-cnbd-s5qc-wkbh","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24806.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24806.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24806","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3686","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36899","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36952","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36958","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36924","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36886","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104759","reference_id":"2104759","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104759"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:50:49Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:50:49Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:50:49Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:50:49Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:50:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/393843?format=json","purl":"pkg:apk/alpine/net-snmp@5.9.3-r0?arch=s390x&distroversion=edge&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/net-snmp@5.9.3-r0%3Farch=s390x&distroversion=edge&reponame=main"}],"aliases":["CVE-2022-24806"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cnbd-s5qc-wkbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94559?format=json","vulnerability_id":"VCID-gu7f-b733-pfew","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a `SET` request to `NET-SNMP-AGENT-MIB::nsLogTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24808.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24808.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24808","reference_id":"","reference_type":"","scores":[{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45396","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45437","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45465","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45469","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45449","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45424","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104768","reference_id":"2104768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104768"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_id":"67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105240","reference_id":"show_bug.cgi?id=2105240","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105240"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/393843?format=json","purl":"pkg:apk/alpine/net-snmp@5.9.3-r0?arch=s390x&distroversion=edge&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/net-snmp@5.9.3-r0%3Farch=s390x&distroversion=edge&reponame=main"}],"aliases":["CVE-2022-24808"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gu7f-b733-pfew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94562?format=json","vulnerability_id":"VCID-nwg6-5jgz-33bj","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24810.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24810","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34213","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34271","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34313","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34328","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34293","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34251","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104769","reference_id":"2104769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104769"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105241","reference_id":"show_bug.cgi?id=2105241","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105241"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/393843?format=json","purl":"pkg:apk/alpine/net-snmp@5.9.3-r0?arch=s390x&distroversion=edge&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/net-snmp@5.9.3-r0%3Farch=s390x&distroversion=edge&reponame=main"}],"aliases":["CVE-2022-24810"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nwg6-5jgz-33bj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94556?format=json","vulnerability_id":"VCID-zhtk-9nzm-qyhp","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24807.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24807","reference_id":"","reference_type":"","scores":[{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53564","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53594","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53622","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53631","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53618","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104763","reference_id":"2104763","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104763"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_id":"67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105239","reference_id":"show_bug.cgi?id=2105239","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105239"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/393843?format=json","purl":"pkg:apk/alpine/net-snmp@5.9.3-r0?arch=s390x&distroversion=edge&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/net-snmp@5.9.3-r0%3Farch=s390x&distroversion=edge&reponame=main"}],"aliases":["CVE-2022-24807"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhtk-9nzm-qyhp"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/net-snmp@5.9.3-r0%3Farch=s390x&distroversion=edge&reponame=main"}