Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.23&reponame=community

Type apk

Namespace alpine

Name buildah

Version 1.35.4-r0

Qualifiers

arch	aarch64
distroversion	v3.23
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.37.4-r0

Latest_non_vulnerable_version 1.42.1-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-879s-p8d5-fbgr

vulnerability_id VCID-879s-p8d5-fbgr

summary A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.

references

reference_url

https://access.redhat.com/errata/RHSA-2024:0045

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:0045

reference_url

https://access.redhat.com/errata/RHSA-2024:3718

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:3718

reference_url

https://access.redhat.com/errata/RHSA-2024:4159

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:4159

reference_url

https://access.redhat.com/errata/RHSA-2024:4613

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:4613

reference_url

https://access.redhat.com/errata/RHSA-2024:4850

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:4850

reference_url

https://access.redhat.com/errata/RHSA-2024:4960

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:4960

reference_url

https://access.redhat.com/errata/RHSA-2024:5258

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:5258

reference_url

https://access.redhat.com/errata/RHSA-2024:5951

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:5951

reference_url

https://access.redhat.com/errata/RHSA-2024:6054

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:6054

reference_url

https://access.redhat.com/errata/RHSA-2024:6708

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:6708

reference_url

https://access.redhat.com/errata/RHSA-2024:6818

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:6818

reference_url

https://access.redhat.com/errata/RHSA-2024:6824

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:6824

reference_url

https://access.redhat.com/errata/RHSA-2024:7164

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7164

reference_url

https://access.redhat.com/errata/RHSA-2024:7174

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7174

reference_url

https://access.redhat.com/errata/RHSA-2024:7182

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7182

reference_url

https://access.redhat.com/errata/RHSA-2024:7187

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7187

reference_url

https://access.redhat.com/errata/RHSA-2024:7922

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7922

reference_url

https://access.redhat.com/errata/RHSA-2024:7941

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:7941

reference_url

https://access.redhat.com/errata/RHSA-2024:8260

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:8260

reference_url

https://access.redhat.com/errata/RHSA-2024:8425

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:8425

reference_url

https://access.redhat.com/errata/RHSA-2024:9097

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:9097

reference_url

https://access.redhat.com/errata/RHSA-2024:9098

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:9098

reference_url

https://access.redhat.com/errata/RHSA-2024:9102

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:9102

reference_url

https://access.redhat.com/errata/RHSA-2024:9960

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:9960

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3727.json

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3727.json

reference_url

https://access.redhat.com/security/cve/CVE-2024-3727

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/security/cve/CVE-2024-3727

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-3727

reference_id

reference_type

scores

value	0.00663
scoring_system	epss
scoring_elements	0.716
published_at	2026-06-09T12:55:00Z

value	0.00663
scoring_system	epss
scoring_elements	0.71619
published_at	2026-06-06T12:55:00Z

value	0.00663
scoring_system	epss
scoring_elements	0.71595
published_at	2026-06-07T12:55:00Z

value	0.00663
scoring_system	epss
scoring_elements	0.7158
published_at	2026-06-08T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.72052
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-3727

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2274767

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2274767

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3727
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3727

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/advisories/GHSA-6wvf-f2vw-3425

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-6wvf-f2vw-3425

reference_url

https://github.com/containers/image

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/containers/image

reference_url

https://github.com/containers/image/commit/132678b47bae29c710589012668cb85859d88385

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/containers/image/commit/132678b47bae29c710589012668cb85859d88385

reference_url

https://github.com/containers/image/commit/e8948046055060605bd68289d406ce149590c33a

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/containers/image/commit/e8948046055060605bd68289d406ce149590c33a

reference_url

https://github.com/containers/image/releases/tag/v5.29.3

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/containers/image/releases/tag/v5.29.3

reference_url

https://github.com/containers/image/releases/tag/v5.30.1

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/containers/image/releases/tag/v5.30.1

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HEYS34N55G7NOQZKNEXZKQVNDGEICCD

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HEYS34N55G7NOQZKNEXZKQVNDGEICCD

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6B37TXOKTKDBE2V26X2NSP7JKNMZOFVP

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6B37TXOKTKDBE2V26X2NSP7JKNMZOFVP

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CYT3D2P3OJKISNFKOOHGY6HCUCQZYAVR

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CYT3D2P3OJKISNFKOOHGY6HCUCQZYAVR

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLND3YDQQRWVRIUPL2G5UKXP5L3VSBBT

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLND3YDQQRWVRIUPL2G5UKXP5L3VSBBT

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTOMYERG5ND4QFDHC4ZSGCED3T3ESRSC

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTOMYERG5ND4QFDHC4ZSGCED3T3ESRSC

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FBZQ2ZRMFEUQ35235B2HWPSXGDCBZHFV

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FBZQ2ZRMFEUQ35235B2HWPSXGDCBZHFV

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QFXMF3VVKIZN7ZMB7PKZCSWV6MOMTGMQ

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QFXMF3VVKIZN7ZMB7PKZCSWV6MOMTGMQ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFVSMR7TNLO2KPWJSW4CF64C2QMQXCIN

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFVSMR7TNLO2KPWJSW4CF64C2QMQXCIN

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-3727

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-3727

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070858
reference_id	1070858
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070858

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:acm:2
reference_id	cpe:/a:redhat:acm:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:acm:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:3
reference_id	cpe:/a:redhat:advanced_cluster_security:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.4::el8
reference_id	cpe:/a:redhat:advanced_cluster_security:4.4::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.4::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.5::el8
reference_id	cpe:/a:redhat:advanced_cluster_security:4.5::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:advanced_cluster_security:4.5::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform
reference_id	cpe:/a:redhat:ansible_automation_platform
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2
reference_id	cpe:/a:redhat:ansible_automation_platform:2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ansible_automation_platform:2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:assisted_installer:1
reference_id	cpe:/a:redhat:assisted_installer:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:assisted_installer:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4
reference_id	cpe:/a:redhat:container_native_virtualization:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4.15::el9
reference_id	cpe:/a:redhat:container_native_virtualization:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:multicluster_engine
reference_id	cpe:/a:redhat:multicluster_engine
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:multicluster_engine

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ocp_tools
reference_id	cpe:/a:redhat:ocp_tools
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ocp_tools

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11
reference_id	cpe:/a:redhat:openshift:3.11
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
reference_id	cpe:/a:redhat:openshift:4.13::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
reference_id	cpe:/a:redhat:openshift:4.14::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id	cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
reference_id	cpe:/a:redhat:openshift:4.15::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id	cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el8
reference_id	cpe:/a:redhat:openshift:4.16::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id	cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
reference_id	cpe:/a:redhat:openshift:4.17::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
reference_id	cpe:/a:redhat:openshift:4.18::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_api_data_protection:1.3::el9
reference_id	cpe:/a:redhat:openshift_api_data_protection:1.3::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_api_data_protection:1.3::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_devspaces:3
reference_id	cpe:/a:redhat:openshift_devspaces:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_devspaces:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.13::el9
reference_id	cpe:/a:redhat:openshift_ironic:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.14::el9
reference_id	cpe:/a:redhat:openshift_ironic:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.15::el9
reference_id	cpe:/a:redhat:openshift_ironic:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.16::el9
reference_id	cpe:/a:redhat:openshift_ironic:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ironic:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_sandboxed_containers:1
reference_id	cpe:/a:redhat:openshift_sandboxed_containers:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_sandboxed_containers:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2
reference_id	cpe:/a:redhat:openstack:16.2
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quay:3
reference_id	cpe:/a:redhat:quay:3
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quay:3

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhmt:1.8::el8
reference_id	cpe:/a:redhat:rhmt:1.8::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhmt:1.8::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1
reference_id	cpe:/a:redhat:serverless:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:source_to_image:1
reference_id	cpe:/a:redhat:source_to_image:1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:source_to_image:1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/errata/RHSA-2024:6122

reference_id

RHSA-2024:6122

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:59:41Z/

url

https://access.redhat.com/errata/RHSA-2024:6122

fixed_packages

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

aliases CVE-2024-3727, GHSA-6wvf-f2vw-3425

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-879s-p8d5-fbgr

url VCID-dm8y-34j8-q3dv

vulnerability_id VCID-dm8y-34j8-q3dv

summary The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24786.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24786.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24786

reference_id

reference_type

scores

value	0.00393
scoring_system	epss
scoring_elements	0.60601
published_at	2026-06-09T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67754
published_at	2026-06-08T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67774
published_at	2026-06-05T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67781
published_at	2026-06-06T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67771
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/protocolbuffers/protobuf-go

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf-go

reference_url

https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023

reference_url

https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0

reference_url

https://go.dev/cl/569356

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://go.dev/cl/569356

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-24786

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-24786

reference_url

https://pkg.go.dev/vuln/GO-2024-2611

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://pkg.go.dev/vuln/GO-2024-2611

reference_url

https://security.netapp.com/advisory/ntap-20240517-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240517-0002

reference_url

http://www.openwall.com/lists/oss-security/2024/03/08/4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

http://www.openwall.com/lists/oss-security/2024/03/08/4

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065684
reference_id	1065684
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065684

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2268046
reference_id	2268046
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2268046

reference_url	https://security.gentoo.org/glsa/202407-12
reference_id	GLSA-202407-12
reference_type
scores
url	https://security.gentoo.org/glsa/202407-12

reference_url	https://security.gentoo.org/glsa/202407-25
reference_id	GLSA-202407-25
reference_type
scores
url	https://security.gentoo.org/glsa/202407-25

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/

reference_id

JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/

reference_url

https://security.netapp.com/advisory/ntap-20240517-0002/

reference_id

ntap-20240517-0002

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://security.netapp.com/advisory/ntap-20240517-0002/

reference_url	https://access.redhat.com/errata/RHSA-2024:0040
reference_id	RHSA-2024:0040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0040

reference_url	https://access.redhat.com/errata/RHSA-2024:0043
reference_id	RHSA-2024:0043
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0043

reference_url	https://access.redhat.com/errata/RHSA-2024:10852
reference_id	RHSA-2024:10852
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10852

reference_url	https://access.redhat.com/errata/RHSA-2024:1362
reference_id	RHSA-2024:1362
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1362

reference_url	https://access.redhat.com/errata/RHSA-2024:1363
reference_id	RHSA-2024:1363
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1363

reference_url	https://access.redhat.com/errata/RHSA-2024:1456
reference_id	RHSA-2024:1456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1456

reference_url	https://access.redhat.com/errata/RHSA-2024:1461
reference_id	RHSA-2024:1461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1461

reference_url	https://access.redhat.com/errata/RHSA-2024:1474
reference_id	RHSA-2024:1474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1474

reference_url	https://access.redhat.com/errata/RHSA-2024:1507
reference_id	RHSA-2024:1507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1507

reference_url	https://access.redhat.com/errata/RHSA-2024:1508
reference_id	RHSA-2024:1508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1508

reference_url	https://access.redhat.com/errata/RHSA-2024:1537
reference_id	RHSA-2024:1537
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1537

reference_url	https://access.redhat.com/errata/RHSA-2024:1538
reference_id	RHSA-2024:1538
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1538

reference_url	https://access.redhat.com/errata/RHSA-2024:1616
reference_id	RHSA-2024:1616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1616

reference_url	https://access.redhat.com/errata/RHSA-2024:1765
reference_id	RHSA-2024:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1765

reference_url	https://access.redhat.com/errata/RHSA-2024:1795
reference_id	RHSA-2024:1795
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1795

reference_url	https://access.redhat.com/errata/RHSA-2024:1859
reference_id	RHSA-2024:1859
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1859

reference_url	https://access.redhat.com/errata/RHSA-2024:1874
reference_id	RHSA-2024:1874
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1874

reference_url	https://access.redhat.com/errata/RHSA-2024:1925
reference_id	RHSA-2024:1925
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1925

reference_url	https://access.redhat.com/errata/RHSA-2024:1946
reference_id	RHSA-2024:1946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1946

reference_url	https://access.redhat.com/errata/RHSA-2024:2096
reference_id	RHSA-2024:2096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2096

reference_url	https://access.redhat.com/errata/RHSA-2024:2549
reference_id	RHSA-2024:2549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2549

reference_url	https://access.redhat.com/errata/RHSA-2024:2550
reference_id	RHSA-2024:2550
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2550

reference_url	https://access.redhat.com/errata/RHSA-2024:2639
reference_id	RHSA-2024:2639
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2639

reference_url	https://access.redhat.com/errata/RHSA-2024:2666
reference_id	RHSA-2024:2666
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2666

reference_url	https://access.redhat.com/errata/RHSA-2024:2773
reference_id	RHSA-2024:2773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2773

reference_url	https://access.redhat.com/errata/RHSA-2024:2781
reference_id	RHSA-2024:2781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2781

reference_url	https://access.redhat.com/errata/RHSA-2024:2874
reference_id	RHSA-2024:2874
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2874

reference_url	https://access.redhat.com/errata/RHSA-2024:2901
reference_id	RHSA-2024:2901
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2901

reference_url	https://access.redhat.com/errata/RHSA-2024:3316
reference_id	RHSA-2024:3316
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3316

reference_url	https://access.redhat.com/errata/RHSA-2024:3617
reference_id	RHSA-2024:3617
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3617

reference_url	https://access.redhat.com/errata/RHSA-2024:3621
reference_id	RHSA-2024:3621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3621

reference_url	https://access.redhat.com/errata/RHSA-2024:3634
reference_id	RHSA-2024:3634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3634

reference_url	https://access.redhat.com/errata/RHSA-2024:3635
reference_id	RHSA-2024:3635
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3635

reference_url	https://access.redhat.com/errata/RHSA-2024:3636
reference_id	RHSA-2024:3636
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3636

reference_url	https://access.redhat.com/errata/RHSA-2024:3637
reference_id	RHSA-2024:3637
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3637

reference_url	https://access.redhat.com/errata/RHSA-2024:3683
reference_id	RHSA-2024:3683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3683

reference_url	https://access.redhat.com/errata/RHSA-2024:3715
reference_id	RHSA-2024:3715
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3715

reference_url	https://access.redhat.com/errata/RHSA-2024:3717
reference_id	RHSA-2024:3717
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3717

reference_url	https://access.redhat.com/errata/RHSA-2024:3868
reference_id	RHSA-2024:3868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3868

reference_url	https://access.redhat.com/errata/RHSA-2024:4150
reference_id	RHSA-2024:4150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4150

reference_url	https://access.redhat.com/errata/RHSA-2024:4163
reference_id	RHSA-2024:4163
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4163

reference_url	https://access.redhat.com/errata/RHSA-2024:4246
reference_id	RHSA-2024:4246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4246

reference_url	https://access.redhat.com/errata/RHSA-2024:4455
reference_id	RHSA-2024:4455
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4455

reference_url	https://access.redhat.com/errata/RHSA-2024:4597
reference_id	RHSA-2024:4597
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4597

reference_url	https://access.redhat.com/errata/RHSA-2024:4626
reference_id	RHSA-2024:4626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4626

reference_url	https://access.redhat.com/errata/RHSA-2024:5013
reference_id	RHSA-2024:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5013

reference_url	https://access.redhat.com/errata/RHSA-2024:5054
reference_id	RHSA-2024:5054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5054

reference_url	https://access.redhat.com/errata/RHSA-2024:5422
reference_id	RHSA-2024:5422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5422

reference_url	https://access.redhat.com/errata/RHSA-2024:6004
reference_id	RHSA-2024:6004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6004

reference_url	https://access.redhat.com/errata/RHSA-2024:6122
reference_id	RHSA-2024:6122
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6122

reference_url	https://access.redhat.com/errata/RHSA-2024:6221
reference_id	RHSA-2024:6221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6221

reference_url	https://access.redhat.com/errata/RHSA-2024:6409
reference_id	RHSA-2024:6409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6409

reference_url	https://access.redhat.com/errata/RHSA-2024:7184
reference_id	RHSA-2024:7184
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7184

reference_url	https://access.redhat.com/errata/RHSA-2024:7548
reference_id	RHSA-2024:7548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7548

reference_url	https://access.redhat.com/errata/RHSA-2024:8040
reference_id	RHSA-2024:8040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8040

reference_url	https://access.redhat.com/errata/RHSA-2024:8434
reference_id	RHSA-2024:8434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8434

reference_url	https://access.redhat.com/errata/RHSA-2024:8676
reference_id	RHSA-2024:8676
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8676

reference_url	https://access.redhat.com/errata/RHSA-2024:8677
reference_id	RHSA-2024:8677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8677

reference_url	https://access.redhat.com/errata/RHSA-2024:8704
reference_id	RHSA-2024:8704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8704

reference_url	https://access.redhat.com/errata/RHSA-2024:9615
reference_id	RHSA-2024:9615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9615

reference_url	https://access.redhat.com/errata/RHSA-2025:0654
reference_id	RHSA-2025:0654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0654

reference_url	https://access.redhat.com/errata/RHSA-2025:0664
reference_id	RHSA-2025:0664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0664

reference_url	https://access.redhat.com/errata/RHSA-2025:22683
reference_id	RHSA-2025:22683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22683

reference_url	https://access.redhat.com/errata/RHSA-2025:22684
reference_id	RHSA-2025:22684
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:22684

reference_url	https://access.redhat.com/errata/RHSA-2025:4204
reference_id	RHSA-2025:4204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4204

reference_url	https://access.redhat.com/errata/RHSA-2025:9776
reference_id	RHSA-2025:9776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9776

reference_url	https://access.redhat.com/errata/RHSA-2026:0722
reference_id	RHSA-2026:0722
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:0722

reference_url	https://usn.ubuntu.com/6746-1/
reference_id	USN-6746-1
reference_type
scores
url	https://usn.ubuntu.com/6746-1/

reference_url	https://usn.ubuntu.com/6746-2/
reference_id	USN-6746-2
reference_type
scores
url	https://usn.ubuntu.com/6746-2/

fixed_packages

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

aliases CVE-2024-24786, GHSA-8r3f-844c-mc37

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dm8y-34j8-q3dv

url VCID-nzrx-36w7-rbfr

vulnerability_id VCID-nzrx-36w7-rbfr

summary A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time.

references

reference_url

https://access.redhat.com/errata/RHSA-2024:2049

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2049

reference_url

https://access.redhat.com/errata/RHSA-2024:2055

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2055

reference_url

https://access.redhat.com/errata/RHSA-2024:2064

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2064

reference_url

https://access.redhat.com/errata/RHSA-2024:2066

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2066

reference_url

https://access.redhat.com/errata/RHSA-2024:2077

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2077

reference_url

https://access.redhat.com/errata/RHSA-2024:2084

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2084

reference_url

https://access.redhat.com/errata/RHSA-2024:2089

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2089

reference_url

https://access.redhat.com/errata/RHSA-2024:2090

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2090

reference_url

https://access.redhat.com/errata/RHSA-2024:2097

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2097

reference_url

https://access.redhat.com/errata/RHSA-2024:2098

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2098

reference_url

https://access.redhat.com/errata/RHSA-2024:2548

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2548

reference_url

https://access.redhat.com/errata/RHSA-2024:2645

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2645

reference_url

https://access.redhat.com/errata/RHSA-2024:2669

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2669

reference_url

https://access.redhat.com/errata/RHSA-2024:2672

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2672

reference_url

https://access.redhat.com/errata/RHSA-2024:2784

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2784

reference_url

https://access.redhat.com/errata/RHSA-2024:2877

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:2877

reference_url

https://access.redhat.com/errata/RHSA-2024:3254

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/errata/RHSA-2024:3254

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1753.json

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-1753.json

reference_url

https://access.redhat.com/security/cve/CVE-2024-1753

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://access.redhat.com/security/cve/CVE-2024-1753

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-1753

reference_id

reference_type

scores

value	0.00076
scoring_system	epss
scoring_elements	0.22789
published_at	2026-06-09T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22896
published_at	2026-06-05T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22881
published_at	2026-06-06T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22837
published_at	2026-06-07T12:55:00Z

value	0.00076
scoring_system	epss
scoring_elements	0.22787
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-1753

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2265513

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2265513

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1753

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf

reference_url

https://github.com/containers/podman

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/containers/podman

reference_url

https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCRZVUDOFM5CPREQKBEU2VK2QK62PSBP

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCRZVUDOFM5CPREQKBEU2VK2QK62PSBP

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYMVMQ7RWMDTSKQTBO734BE3WQPI2AJ

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYMVMQ7RWMDTSKQTBO734BE3WQPI2AJ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVBSVZGVABPYIHK5HZM472NPGWMI7WXH

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVBSVZGVABPYIHK5HZM472NPGWMI7WXH

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-1753

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-1753

reference_url

https://pkg.go.dev/vuln/GO-2024-2658

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	6.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-02T15:05:28Z/

url

https://pkg.go.dev/vuln/GO-2024-2658

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067800
reference_id	1067800
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067800

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11
reference_id	cpe:/a:redhat:openshift:3.11
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
reference_id	cpe:/a:redhat:openshift:4.12::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el9
reference_id	cpe:/a:redhat:openshift:4.12::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
reference_id	cpe:/a:redhat:openshift:4.13::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
reference_id	cpe:/a:redhat:openshift:4.14::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id	cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
reference_id	cpe:/a:redhat:openshift:4.15::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id	cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://security.gentoo.org/glsa/202407-12
reference_id	GLSA-202407-12
reference_type
scores
url	https://security.gentoo.org/glsa/202407-12

reference_url	https://security.gentoo.org/glsa/202407-25
reference_id	GLSA-202407-25
reference_type
scores
url	https://security.gentoo.org/glsa/202407-25

fixed_packages

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

aliases CVE-2024-1753, GHSA-874v-pj72-92f3

risk_score 3.9

exploitability 0.5

weighted_severity 7.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nzrx-36w7-rbfr

url VCID-z1z2-xber-wfeu

vulnerability_id VCID-z1z2-xber-wfeu

summary Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). This vulnerability has been patched in versions 4.0.1, 3.0.3 and 2.6.3.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28180.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-28180.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-28180

reference_id

reference_type

scores

value	0.04859
scoring_system	epss
scoring_elements	0.89761
published_at	2026-06-09T12:55:00Z

value	0.04859
scoring_system	epss
scoring_elements	0.89746
published_at	2026-06-08T12:55:00Z

value	0.04859
scoring_system	epss
scoring_elements	0.89747
published_at	2026-06-06T12:55:00Z

value	0.04986
scoring_system	epss
scoring_elements	0.89888
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-28180

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28180
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28180

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/go-jose/go-jose

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/go-jose/go-jose

reference_url

https://github.com/go-jose/go-jose/commit/0dd4dd541c665fb292d664f77604ba694726f298

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://github.com/go-jose/go-jose/commit/0dd4dd541c665fb292d664f77604ba694726f298

reference_url

https://github.com/go-jose/go-jose/commit/add6a284ea0f844fd6628cba637be5451fe4b28a

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://github.com/go-jose/go-jose/commit/add6a284ea0f844fd6628cba637be5451fe4b28a

reference_url

https://github.com/go-jose/go-jose/commit/f4c051a0653d78199a053892f7619ebf96339502

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://github.com/go-jose/go-jose/commit/f4c051a0653d78199a053892f7619ebf96339502

reference_url

https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6MMWFBOXJA6ZCXNVPDFJ4XMK5PVG5RG

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6MMWFBOXJA6ZCXNVPDFJ4XMK5PVG5RG

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IJ6LAJJ2FTA2JVVOACCV5RZTOIZLXUNJ

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IJ6LAJJ2FTA2JVVOACCV5RZTOIZLXUNJ

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JNPMXL36YGS3GQEVI3Q5HKHJ7YAAQXL5

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JNPMXL36YGS3GQEVI3Q5HKHJ7YAAQXL5

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXKGNCRU7OTM5AHC7YIYBNOWI742PRMY

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXKGNCRU7OTM5AHC7YIYBNOWI742PRMY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MSOMHDKRPU3A2JEMRODT2IREDFBLVPGS

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MSOMHDKRPU3A2JEMRODT2IREDFBLVPGS

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UG5FSEYJ3GP27FZXC5YAAMMEC5XWKJHG

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UG5FSEYJ3GP27FZXC5YAAMMEC5XWKJHG

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJO2U5ACZVACNQXJ5EBRFLFW6DP5BROY

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJO2U5ACZVACNQXJ5EBRFLFW6DP5BROY

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJDO5VSIAOGT2WP63AXAAWNRSVJCNCRH

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJDO5VSIAOGT2WP63AXAAWNRSVJCNCRH

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-28180

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-28180

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065814
reference_id	1065814
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065814

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2268854
reference_id	2268854
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2268854

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ/

reference_id

GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6MMWFBOXJA6ZCXNVPDFJ4XMK5PVG5RG/

reference_id

I6MMWFBOXJA6ZCXNVPDFJ4XMK5PVG5RG

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6MMWFBOXJA6ZCXNVPDFJ4XMK5PVG5RG/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IJ6LAJJ2FTA2JVVOACCV5RZTOIZLXUNJ/

reference_id

IJ6LAJJ2FTA2JVVOACCV5RZTOIZLXUNJ

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IJ6LAJJ2FTA2JVVOACCV5RZTOIZLXUNJ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JNPMXL36YGS3GQEVI3Q5HKHJ7YAAQXL5/

reference_id

JNPMXL36YGS3GQEVI3Q5HKHJ7YAAQXL5

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JNPMXL36YGS3GQEVI3Q5HKHJ7YAAQXL5/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXKGNCRU7OTM5AHC7YIYBNOWI742PRMY/

reference_id

KXKGNCRU7OTM5AHC7YIYBNOWI742PRMY

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXKGNCRU7OTM5AHC7YIYBNOWI742PRMY/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MSOMHDKRPU3A2JEMRODT2IREDFBLVPGS/

reference_id

MSOMHDKRPU3A2JEMRODT2IREDFBLVPGS

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MSOMHDKRPU3A2JEMRODT2IREDFBLVPGS/

reference_url	https://access.redhat.com/errata/RHSA-2024:1456
reference_id	RHSA-2024:1456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1456

reference_url	https://access.redhat.com/errata/RHSA-2024:1570
reference_id	RHSA-2024:1570
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1570

reference_url	https://access.redhat.com/errata/RHSA-2024:1812
reference_id	RHSA-2024:1812
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1812

reference_url	https://access.redhat.com/errata/RHSA-2024:1859
reference_id	RHSA-2024:1859
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1859

reference_url	https://access.redhat.com/errata/RHSA-2024:1946
reference_id	RHSA-2024:1946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1946

reference_url	https://access.redhat.com/errata/RHSA-2024:2054
reference_id	RHSA-2024:2054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2054

reference_url	https://access.redhat.com/errata/RHSA-2024:2071
reference_id	RHSA-2024:2071
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2071

reference_url	https://access.redhat.com/errata/RHSA-2024:2096
reference_id	RHSA-2024:2096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2096

reference_url	https://access.redhat.com/errata/RHSA-2024:2549
reference_id	RHSA-2024:2549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2549

reference_url	https://access.redhat.com/errata/RHSA-2024:2639
reference_id	RHSA-2024:2639
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2639

reference_url	https://access.redhat.com/errata/RHSA-2024:2773
reference_id	RHSA-2024:2773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2773

reference_url	https://access.redhat.com/errata/RHSA-2024:2776
reference_id	RHSA-2024:2776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2776

reference_url	https://access.redhat.com/errata/RHSA-2024:2865
reference_id	RHSA-2024:2865
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2865

reference_url	https://access.redhat.com/errata/RHSA-2024:2869
reference_id	RHSA-2024:2869
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2869

reference_url	https://access.redhat.com/errata/RHSA-2024:2875
reference_id	RHSA-2024:2875
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2875

reference_url	https://access.redhat.com/errata/RHSA-2024:3327
reference_id	RHSA-2024:3327
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3327

reference_url	https://access.redhat.com/errata/RHSA-2024:3349
reference_id	RHSA-2024:3349
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3349

reference_url	https://access.redhat.com/errata/RHSA-2024:3351
reference_id	RHSA-2024:3351
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3351

reference_url	https://access.redhat.com/errata/RHSA-2024:3523
reference_id	RHSA-2024:3523
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3523

reference_url	https://access.redhat.com/errata/RHSA-2024:3826
reference_id	RHSA-2024:3826
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3826

reference_url	https://access.redhat.com/errata/RHSA-2024:3827
reference_id	RHSA-2024:3827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3827

reference_url	https://access.redhat.com/errata/RHSA-2024:3968
reference_id	RHSA-2024:3968
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3968

reference_url	https://access.redhat.com/errata/RHSA-2024:4006
reference_id	RHSA-2024:4006
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4006

reference_url	https://access.redhat.com/errata/RHSA-2024:4010
reference_id	RHSA-2024:4010
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4010

reference_url	https://access.redhat.com/errata/RHSA-2024:4041
reference_id	RHSA-2024:4041
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4041

reference_url	https://access.redhat.com/errata/RHSA-2024:4455
reference_id	RHSA-2024:4455
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4455

reference_url	https://access.redhat.com/errata/RHSA-2024:4484
reference_id	RHSA-2024:4484
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4484

reference_url	https://access.redhat.com/errata/RHSA-2024:6209
reference_id	RHSA-2024:6209
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6209

reference_url	https://access.redhat.com/errata/RHSA-2024:7179
reference_id	RHSA-2024:7179
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7179

reference_url	https://access.redhat.com/errata/RHSA-2024:8229
reference_id	RHSA-2024:8229
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8229

reference_url	https://access.redhat.com/errata/RHSA-2024:8235
reference_id	RHSA-2024:8235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8235

reference_url	https://access.redhat.com/errata/RHSA-2024:8974
reference_id	RHSA-2024:8974
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8974

reference_url	https://access.redhat.com/errata/RHSA-2025:0536
reference_id	RHSA-2025:0536
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0536

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UG5FSEYJ3GP27FZXC5YAAMMEC5XWKJHG/

reference_id

UG5FSEYJ3GP27FZXC5YAAMMEC5XWKJHG

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UG5FSEYJ3GP27FZXC5YAAMMEC5XWKJHG/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJO2U5ACZVACNQXJ5EBRFLFW6DP5BROY/

reference_id

UJO2U5ACZVACNQXJ5EBRFLFW6DP5BROY

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJO2U5ACZVACNQXJ5EBRFLFW6DP5BROY/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJDO5VSIAOGT2WP63AXAAWNRSVJCNCRH/

reference_id

XJDO5VSIAOGT2WP63AXAAWNRSVJCNCRH

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-11T15:08:38Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJDO5VSIAOGT2WP63AXAAWNRSVJCNCRH/

fixed_packages

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

aliases CVE-2024-28180, GHSA-c5q2-7r4c-mv6g

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z1z2-xber-wfeu

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

Package Instance