{"url":"http://public2.vulnerablecode.io/api/packages/75899?format=json","purl":"pkg:ebuild/app-containers/containerd@1.6.14","type":"ebuild","namespace":"app-containers","name":"containerd","version":"1.6.14","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.6.19","latest_non_vulnerable_version":"1.6.19","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42024?format=json","vulnerability_id":"VCID-1ucu-ewxj-xfhp","summary":"Multiple vulnerabilities have been found in containerd, the worst of which could result in privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31030","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36649","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36217","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36318","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36348","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36572","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36715","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36746","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36584","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36637","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36654","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36663","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36628","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36603","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36631","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36147","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36124","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36211","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36184","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36114","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36231","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-31030"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31030","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31030"},{"reference_url":"https://github.com/containerd/containerd","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd"},{"reference_url":"https://github.com/containerd/containerd/commit/c1bcabb4541930f643aa36a2b38655e131346382","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/commit/c1bcabb4541930f643aa36a2b38655e131346382"},{"reference_url":"https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REOZCUAPCA7NFDWYBDYX6EYXWLHABKBO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSIGDBHAB3I75JBJNGWEPBTJPS2FOVHD"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31030","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-31030"},{"reference_url":"https://security.gentoo.org/glsa/202401-31","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202401-31"},{"reference_url":"https://www.debian.org/security/2022/dsa-5162","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5162"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/06/07/1","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/06/07/1"},{"reference_url":"https://security.archlinux.org/AVG-2755","reference_id":"AVG-2755","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2755"},{"reference_url":"https://usn.ubuntu.com/5776-1/","reference_id":"USN-5776-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5776-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5521-1/","reference_id":"USN-USN-5521-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5521-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75899?format=json","purl":"pkg:ebuild/app-containers/containerd@1.6.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/containerd@1.6.14"}],"aliases":["CVE-2022-31030","GHSA-5ffw-gxpp-mxpf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ucu-ewxj-xfhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42021?format=json","vulnerability_id":"VCID-4qfu-ng4n-jbfx","summary":"Multiple vulnerabilities have been found in containerd, the worst of which could result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32760.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32760.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32760","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21696","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21623","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21599","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21624","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21711","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21765","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21759","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21727","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21817","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21892","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21857","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21845","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21789","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21945","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21538","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21472","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21568","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21577","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21583","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21731","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32760"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/containerd/containerd","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd"},{"reference_url":"https://github.com/containerd/containerd/commit/22e9a70c71eff6507be71955947a611f2ed91e6c","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/commit/22e9a70c71eff6507be71955947a611f2ed91e6c"},{"reference_url":"https://github.com/containerd/containerd/commit/7ad08c69e09ee4930a48dbf2aab3cd612458617f","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/commit/7ad08c69e09ee4930a48dbf2aab3cd612458617f"},{"reference_url":"https://github.com/containerd/containerd/releases/tag/v1.4.8","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:27:11Z/"}],"url":"https://github.com/containerd/containerd/releases/tag/v1.4.8"},{"reference_url":"https://github.com/containerd/containerd/releases/tag/v1.5.4","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:27:11Z/"}],"url":"https://github.com/containerd/containerd/releases/tag/v1.5.4"},{"reference_url":"https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:27:11Z/"}],"url":"https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32760","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32760"},{"reference_url":"https://security.gentoo.org/glsa/202401-31","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"5.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:27:11Z/"}],"url":"https://security.gentoo.org/glsa/202401-31"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1982681","reference_id":"1982681","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1982681"},{"reference_url":"https://security.archlinux.org/ASA-202107-70","reference_id":"ASA-202107-70","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-70"},{"reference_url":"https://security.archlinux.org/AVG-2174","reference_id":"AVG-2174","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2174"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3/","reference_id":"DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-19T14:27:11Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2183","reference_id":"RHSA-2022:2183","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2183"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5952","reference_id":"RHSA-2023:5952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5952"},{"reference_url":"https://usn.ubuntu.com/5012-1/","reference_id":"USN-5012-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5012-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5521-1/","reference_id":"USN-USN-5521-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5521-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75899?format=json","purl":"pkg:ebuild/app-containers/containerd@1.6.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/containerd@1.6.14"}],"aliases":["CVE-2021-32760","GHSA-c72p-9xmj-rx3w"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4qfu-ng4n-jbfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12708?format=json","vulnerability_id":"VCID-9qpc-77v8-13hw","summary":"Moby (Docker Engine) started with non-empty inheritable Linux process capabilities\n### Impact\n\nA bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during `execve(2)`.  Normally, when executable programs have specified permitted file capabilities, otherwise unprivileged users and processes can execute those programs and gain the specified file capabilities up to the bounding set.  Due to this bug, containers which included executable programs with inheritable file capabilities allowed otherwise unprivileged users and processes to additionally gain these inheritable file capabilities up to the container's bounding set.  Containers which use Linux users and groups to perform privilege separation inside the container are most directly impacted.\n\nThis bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set.\n\n\n### Patches\n\nThis bug has been fixed in Moby (Docker Engine) 20.10.14.  Users should update to this version as soon as possible.  Running containers should be stopped, deleted, and recreated for the inheritable capabilities to be reset.\n\nThis fix changes Moby (Docker Engine) behavior such that containers are started with a more typical Linux environment.  Refer to `capabilities(7)` for a description of how capabilities work.  Note that permitted file capabilities continue to allow for privileges to be raised up to the container's bounding set and that processes may add capabilities to their own inheritable set up to the container's bounding set per the rules described in the manual page.  In all cases the container's bounding set provides an upper bound on the capabilities that can be assumed and provides for the container security sandbox.\n\n### Workarounds\n\nThe entrypoint of a container can be modified to use a utility like `capsh(1)` to drop inheritable capabilities prior to the primary process starting.\n\n### Credits\n\nThe Moby project would like to thank [Andrew G. Morgan](https://github.com/AndrewGMorgan) for responsibly disclosing this issue in accordance with the [Moby security policy](https://github.com/moby/moby/blob/master/SECURITY.md).\n\n### For more information\n\nIf you have any questions or comments about this advisory:\n\n* [Open an issue](https://github.com/moby/moby/issues/new)\n* Email us at [security@docker.com](mailto:security@docker.com) if you think you’ve found a security bug","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24769.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24769.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24769","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2659","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26512","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2651","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26495","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26567","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2644","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26573","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26644","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26652","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26709","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26746","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26774","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26767","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26825","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26869","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26866","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26819","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.2675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29614","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29566","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31030","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31030"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/moby/moby","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moby/moby"},{"reference_url":"https://github.com/moby/moby/commit/2bbc786e4c59761d722d2d1518cd0a32829bc07f","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moby/moby/commit/2bbc786e4c59761d722d2d1518cd0a32829bc07f"},{"reference_url":"https://github.com/moby/moby/commit/7f375bcff41ce672cd61e9a31f3eeb2966e3dbe1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moby/moby/commit/7f375bcff41ce672cd61e9a31f3eeb2966e3dbe1"},{"reference_url":"https://github.com/moby/moby/releases/tag/v20.10.14","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moby/moby/releases/tag/v20.10.14"},{"reference_url":"https://github.com/moby/moby/security/advisories/GHSA-2mm7-x5h6-5pvq","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moby/moby/security/advisories/GHSA-2mm7-x5h6-5pvq"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PMQKCAPK2AR3DCYITJYMMNBEGQBGLCC","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PMQKCAPK2AR3DCYITJYMMNBEGQBGLCC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5AFKOQ5CE3CEIULWW4FLQKHFFU6FSYG","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5AFKOQ5CE3CEIULWW4FLQKHFFU6FSYG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5FQJ3MLFSEKQYCFPFZIKYGBXPZUJFVY","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5FQJ3MLFSEKQYCFPFZIKYGBXPZUJFVY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPOJUJZXGMIVKRS4QR75F6OIXNQ6LDBL","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPOJUJZXGMIVKRS4QR75F6OIXNQ6LDBL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIMAHZ6AUIKN7AX26KHZYBXVECIOVWBH","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIMAHZ6AUIKN7AX26KHZYBXVECIOVWBH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQCVS7WBFSTKJFNX5PGDRARMTOFWV2O7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQCVS7WBFSTKJFNX5PGDRARMTOFWV2O7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PMQKCAPK2AR3DCYITJYMMNBEGQBGLCC","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PMQKCAPK2AR3DCYITJYMMNBEGQBGLCC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5AFKOQ5CE3CEIULWW4FLQKHFFU6FSYG","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5AFKOQ5CE3CEIULWW4FLQKHFFU6FSYG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5FQJ3MLFSEKQYCFPFZIKYGBXPZUJFVY","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A5FQJ3MLFSEKQYCFPFZIKYGBXPZUJFVY"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPOJUJZXGMIVKRS4QR75F6OIXNQ6LDBL","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPOJUJZXGMIVKRS4QR75F6OIXNQ6LDBL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIMAHZ6AUIKN7AX26KHZYBXVECIOVWBH","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIMAHZ6AUIKN7AX26KHZYBXVECIOVWBH"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HQCVS7WBFSTKJFNX5PGDRARMTOFWV2O7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HQCVS7WBFSTKJFNX5PGDRARMTOFWV2O7"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24769","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24769"},{"reference_url":"https://security.gentoo.org/glsa/202401-31","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202401-31"},{"reference_url":"https://www.debian.org/security/2022/dsa-5162","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5162"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/05/12/1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2022/05/12/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2066837","reference_id":"2066837","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2066837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1357","reference_id":"RHSA-2022:1357","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1357"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1363","reference_id":"RHSA-2022:1363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1370","reference_id":"RHSA-2022:1370","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1622","reference_id":"RHSA-2022:1622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1699","reference_id":"RHSA-2022:1699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2265","reference_id":"RHSA-2022:2265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2265"},{"reference_url":"https://usn.ubuntu.com/5776-1/","reference_id":"USN-5776-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5776-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75899?format=json","purl":"pkg:ebuild/app-containers/containerd@1.6.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/containerd@1.6.14"}],"aliases":["CVE-2022-24769","GHSA-2mm7-x5h6-5pvq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9qpc-77v8-13hw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34359?format=json","vulnerability_id":"VCID-kuwr-ugf2-rke4","summary":"Insufficiently restricted permissions on plugin directories\n### Impact\nA bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as setuid), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files.\n\n### Patches\nThis vulnerability has been fixed in containerd 1.4.11 and containerd 1.5.7. Users should update to these version when they are released and may restart containers or update directory permissions to mitigate the vulnerability.\n\n### Workarounds\nLimit access to the host to trusted users. Update directory permission on container bundles directories. \n\n### For more information\nIf you have any questions or comments about this advisory: \n* Open an issue in [github.com/containerd/containerd](https://github.com/containerd/containerd/issues/new/choose)\n* Email us at [security@containerd.io](mailto:security@containerd.io)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41103.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41103.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41103","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24648","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24356","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.2448","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24522","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24535","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24592","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24614","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24624","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24611","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24668","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24689","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24709","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24766","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24579","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24695","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44526","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44508","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44461","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49101","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00257","scoring_system":"epss","scoring_elements":"0.49176","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41103"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/containerd/containerd","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd"},{"reference_url":"https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8"},{"reference_url":"https://github.com/containerd/containerd/releases/tag/v1.4.11","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/releases/tag/v1.4.11"},{"reference_url":"https://github.com/containerd/containerd/releases/tag/v1.5.7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/releases/tag/v1.5.7"},{"reference_url":"https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41103","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-41103"},{"reference_url":"https://security.gentoo.org/glsa/202401-31","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202401-31"},{"reference_url":"https://www.debian.org/security/2021/dsa-5002","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-5002"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011007","reference_id":"2011007","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2011007"},{"reference_url":"https://security.archlinux.org/AVG-2439","reference_id":"AVG-2439","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5673","reference_id":"RHSA-2022:5673","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5673"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6517","reference_id":"RHSA-2022:6517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6517"},{"reference_url":"https://usn.ubuntu.com/5100-1/","reference_id":"USN-5100-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5100-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5521-1/","reference_id":"USN-USN-5521-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5521-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75899?format=json","purl":"pkg:ebuild/app-containers/containerd@1.6.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/containerd@1.6.14"}],"aliases":["CVE-2021-41103","GHSA-c2h3-6mxw-7mvq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kuwr-ugf2-rke4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42022?format=json","vulnerability_id":"VCID-tc5s-4nx2-y7d9","summary":"Multiple vulnerabilities have been found in containerd, the worst of which could result in privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23471","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.4779","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47693","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47752","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47778","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47729","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47663","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47798","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47746","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47801","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47797","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47821","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47807","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47861","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47854","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47799","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47724","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23471"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23471","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23471"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/containerd/containerd","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd"},{"reference_url":"https://github.com/containerd/containerd/commit/241563be06a3de8b6a849414c4e805b68d3bb295","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/commit/241563be06a3de8b6a849414c4e805b68d3bb295"},{"reference_url":"https://github.com/containerd/containerd/commit/a05d175400b1145e5e6a735a6710579d181e7fb0","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:52:53Z/"}],"url":"https://github.com/containerd/containerd/commit/a05d175400b1145e5e6a735a6710579d181e7fb0"},{"reference_url":"https://github.com/containerd/containerd/releases/tag/v1.5.16","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/releases/tag/v1.5.16"},{"reference_url":"https://github.com/containerd/containerd/releases/tag/v1.6.12","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/releases/tag/v1.6.12"},{"reference_url":"https://github.com/containerd/containerd/security/advisories/GHSA-2qjp-425j-52j9","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:52:53Z/"}],"url":"https://github.com/containerd/containerd/security/advisories/GHSA-2qjp-425j-52j9"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23471","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23471"},{"reference_url":"https://security.gentoo.org/glsa/202401-31","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:52:53Z/"}],"url":"https://security.gentoo.org/glsa/202401-31"},{"reference_url":"https://usn.ubuntu.com/5776-1/","reference_id":"USN-5776-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5776-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75899?format=json","purl":"pkg:ebuild/app-containers/containerd@1.6.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/containerd@1.6.14"}],"aliases":["CVE-2022-23471","GHSA-2qjp-425j-52j9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tc5s-4nx2-y7d9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42023?format=json","vulnerability_id":"VCID-zedh-ff93-yka4","summary":"Multiple vulnerabilities have been found in containerd, the worst of which could result in privilege escalation.","references":[{"reference_url":"http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/166421/containerd-Image-Volume-Insecure-Handling.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23648.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23648.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23648","reference_id":"","reference_type":"","scores":[{"value":"0.05848","scoring_system":"epss","scoring_elements":"0.90614","published_at":"2026-05-11T12:55:00Z"},{"value":"0.05848","scoring_system":"epss","scoring_elements":"0.90617","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05848","scoring_system":"epss","scoring_elements":"0.90623","published_at":"2026-05-12T12:55:00Z"},{"value":"0.05848","scoring_system":"epss","scoring_elements":"0.90605","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05848","scoring_system":"epss","scoring_elements":"0.90587","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05848","scoring_system":"epss","scoring_elements":"0.90575","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05848","scoring_system":"epss","scoring_elements":"0.90579","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05848","scoring_system":"epss","scoring_elements":"0.90578","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05848","scoring_system":"epss","scoring_elements":"0.90564","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05848","scoring_system":"epss","scoring_elements":"0.90637","published_at":"2026-05-14T12:55:00Z"},{"value":"0.06156","scoring_system":"epss","scoring_elements":"0.90793","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06156","scoring_system":"epss","scoring_elements":"0.90846","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06156","scoring_system":"epss","scoring_elements":"0.90848","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06156","scoring_system":"epss","scoring_elements":"0.90829","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06156","scoring_system":"epss","scoring_elements":"0.90831","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06156","scoring_system":"epss","scoring_elements":"0.9083","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06156","scoring_system":"epss","scoring_elements":"0.90822","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06156","scoring_system":"epss","scoring_elements":"0.90815","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06156","scoring_system":"epss","scoring_elements":"0.90804","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0813","scoring_system":"epss","scoring_elements":"0.92141","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23648"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23648","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23648"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/containerd/containerd","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd"},{"reference_url":"https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/commit/10f428dac7cec44c864e1b830a4623af27a9fc70"},{"reference_url":"https://github.com/containerd/containerd/releases/tag/v1.4.13","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/releases/tag/v1.4.13"},{"reference_url":"https://github.com/containerd/containerd/releases/tag/v1.5.10","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/releases/tag/v1.5.10"},{"reference_url":"https://github.com/containerd/containerd/releases/tag/v1.6.1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/releases/tag/v1.6.1"},{"reference_url":"https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/containerd/containerd/security/advisories/GHSA-crp2-qrr5-8pq7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUDQUQBZJGBWJPMRVB6QCCCRF7O3O4PA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFTS2EF3S7HNYSNZSEJZIJHPRU7OPUV3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCCARJ6FU4MWBTXHZNMS7NELPDBIX2VO"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23648","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23648"},{"reference_url":"https://security.gentoo.org/glsa/202401-31","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202401-31"},{"reference_url":"https://www.debian.org/security/2022/dsa-5091","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2022/dsa-5091"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2060029","reference_id":"2060029","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2060029"},{"reference_url":"https://security.archlinux.org/AVG-2725","reference_id":"AVG-2725","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2725"},{"reference_url":"https://usn.ubuntu.com/5311-1/","reference_id":"USN-5311-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5311-1/"},{"reference_url":"https://usn.ubuntu.com/5311-2/","reference_id":"USN-5311-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5311-2/"},{"reference_url":"https://usn.ubuntu.com/USN-5521-1/","reference_id":"USN-USN-5521-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5521-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75899?format=json","purl":"pkg:ebuild/app-containers/containerd@1.6.14","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/containerd@1.6.14"}],"aliases":["CVE-2022-23648","GHSA-crp2-qrr5-8pq7"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zedh-ff93-yka4"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/containerd@1.6.14"}