Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/923825?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "type": "deb", "namespace": "debian", "name": "golang-1.19", "version": "1.19.8-2", "qualifiers": { "distro": "bookworm" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42101?format=api", "vulnerability_id": "VCID-1rsj-pm1p-qbd6", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2880.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2880.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2880", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09016", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09067", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08991", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09071", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09102", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09103", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09056", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08951", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08932", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09084", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09128", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09076", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09045", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0896", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09123", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09192", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09158", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09181", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09253", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2880" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2880", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2880" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868", "reference_id": "2132868", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7398", "reference_id": "RHSA-2022:7398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7399", "reference_id": "RHSA-2022:7399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8535", "reference_id": "RHSA-2022:8535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8781", "reference_id": "RHSA-2022:8781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0264", "reference_id": "RHSA-2023:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0328", "reference_id": "RHSA-2023:0328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0445", "reference_id": "RHSA-2023:0445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0446", "reference_id": "RHSA-2023:0446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0584", "reference_id": "RHSA-2023:0584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0693", "reference_id": "RHSA-2023:0693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0708", "reference_id": "RHSA-2023:0708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0709", "reference_id": "RHSA-2023:0709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0727", "reference_id": "RHSA-2023:0727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1174", "reference_id": "RHSA-2023:1174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1275", "reference_id": "RHSA-2023:1275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2167", "reference_id": "RHSA-2023:2167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2204", "reference_id": "RHSA-2023:2204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2357", "reference_id": "RHSA-2023:2357", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2357" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2780", "reference_id": "RHSA-2023:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2784", "reference_id": "RHSA-2023:2784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2866", "reference_id": "RHSA-2023:2866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3205", "reference_id": "RHSA-2023:3205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3613", "reference_id": "RHSA-2023:3613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4003", "reference_id": "RHSA-2023:4003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0121", "reference_id": "RHSA-2024:0121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2988", "reference_id": "RHSA-2024:2988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2988" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923829?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.2-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.2-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-2880" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1rsj-pm1p-qbd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42100?format=api", "vulnerability_id": "VCID-3ypr-ppaw-kkf4", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2879.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2879.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2879", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03412", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03425", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0344", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03443", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03465", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03396", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03373", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03347", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0336", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03477", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03463", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03469", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03514", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03479", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03499", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03535", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0354", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03546", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03585", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2879" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2879" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867", "reference_id": "2132867", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7398", "reference_id": "RHSA-2022:7398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7399", "reference_id": "RHSA-2022:7399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8535", "reference_id": "RHSA-2022:8535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8781", "reference_id": "RHSA-2022:8781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0264", "reference_id": "RHSA-2023:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0328", "reference_id": "RHSA-2023:0328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0445", "reference_id": "RHSA-2023:0445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0446", "reference_id": "RHSA-2023:0446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0693", "reference_id": "RHSA-2023:0693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0708", "reference_id": "RHSA-2023:0708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0709", "reference_id": "RHSA-2023:0709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0727", "reference_id": "RHSA-2023:0727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1079", "reference_id": "RHSA-2023:1079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1174", "reference_id": "RHSA-2023:1174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2204", "reference_id": "RHSA-2023:2204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2780", "reference_id": "RHSA-2023:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3205", "reference_id": "RHSA-2023:3205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3613", "reference_id": "RHSA-2023:3613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4003", "reference_id": "RHSA-2023:4003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0121", "reference_id": "RHSA-2024:0121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2988", "reference_id": "RHSA-2024:2988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2988" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923829?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.2-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.2-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-2879" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ypr-ppaw-kkf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36650?format=api", "vulnerability_id": "VCID-498g-zap2-vqag", "summary": "Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30635.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30635.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30635", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26617", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26565", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26662", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26447", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26516", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26571", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26526", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26468", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26475", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26445", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26407", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29504", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29798", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29685", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29623", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29584", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29484", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29546", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29558", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29483", "published_at": "2026-05-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30635" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30635" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388", "reference_id": "2107388", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107388" }, { "reference_url": "https://go.dev/cl/417064", "reference_id": "417064", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-06T17:44:14Z/" } ], "url": "https://go.dev/cl/417064" }, { "reference_url": "https://go.dev/issue/53615", "reference_id": "53615", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-06T17:44:14Z/" } ], "url": "https://go.dev/issue/53615" }, { "reference_url": "https://go.googlesource.com/go/+/6fa37e98ea4382bf881428ee0c150ce591500eb7", "reference_id": "6fa37e98ea4382bf881428ee0c150ce591500eb7", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-06T17:44:14Z/" } ], "url": "https://go.googlesource.com/go/+/6fa37e98ea4382bf881428ee0c150ce591500eb7" }, { "reference_url": "https://security.gentoo.org/glsa/202208-02", "reference_id": "GLSA-202208-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-02" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0526", "reference_id": "GO-2022-0526", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-06T17:44:14Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0526" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", "reference_id": "nqrv9fbR0zE", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-06T17:44:14Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5775", "reference_id": "RHSA-2022:5775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5799", "reference_id": "RHSA-2022:5799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5866", "reference_id": "RHSA-2022:5866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6040", "reference_id": "RHSA-2022:6040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6042", "reference_id": "RHSA-2022:6042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6152", "reference_id": "RHSA-2022:6152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6283", "reference_id": "RHSA-2022:6283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7129", "reference_id": "RHSA-2022:7129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7519", "reference_id": "RHSA-2022:7519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7648", "reference_id": "RHSA-2022:7648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8057", "reference_id": "RHSA-2022:8057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8250", "reference_id": "RHSA-2022:8250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8634", "reference_id": "RHSA-2022:8634", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8634" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9047", "reference_id": "RHSA-2022:9047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0407", "reference_id": "RHSA-2023:0407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0408", "reference_id": "RHSA-2023:0408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1275", "reference_id": "RHSA-2023:1275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2357", "reference_id": "RHSA-2023:2357", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2357" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2758", "reference_id": "RHSA-2023:2758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2802", "reference_id": "RHSA-2023:2802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923827?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19~rc2-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19~rc2-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-30635" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-498g-zap2-vqag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42106?format=api", "vulnerability_id": "VCID-4ufj-v5z1-huec", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24534.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24534.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24534", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30809", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.3083", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30918", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30888", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30844", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30864", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30833", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30878", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30921", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33636", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33669", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34585", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34517", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.3659", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36812", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.3678", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36692", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36574", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36643", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36669", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24534" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483", "reference_id": "2184483", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483" }, { "reference_url": "https://go.dev/cl/481994", "reference_id": "481994", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/" } ], "url": "https://go.dev/cl/481994" }, { "reference_url": "https://go.dev/issue/58975", "reference_id": "58975", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/" } ], "url": "https://go.dev/issue/58975" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2023-1704", "reference_id": "GO-2023-1704", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2023-1704" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230526-0007/", "reference_id": "ntap-20230526-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230526-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3167", "reference_id": "RHSA-2023:3167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3318", "reference_id": "RHSA-2023:3318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3319", "reference_id": "RHSA-2023:3319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3366", "reference_id": "RHSA-2023:3366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3367", "reference_id": "RHSA-2023:3367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3445", "reference_id": "RHSA-2023:3445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3450", "reference_id": "RHSA-2023:3450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3455", "reference_id": "RHSA-2023:3455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3536", "reference_id": "RHSA-2023:3536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3540", "reference_id": "RHSA-2023:3540", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3612", "reference_id": "RHSA-2023:3612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3624", "reference_id": "RHSA-2023:3624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3918", "reference_id": "RHSA-2023:3918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3943", "reference_id": "RHSA-2023:3943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4003", "reference_id": "RHSA-2023:4003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4335", "reference_id": "RHSA-2023:4335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4459", "reference_id": "RHSA-2023:4459", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4459" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4470", "reference_id": "RHSA-2023:4470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4627", "reference_id": "RHSA-2023:4627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4657", "reference_id": "RHSA-2023:4657", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4664", "reference_id": "RHSA-2023:4664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4664" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5964", "reference_id": "RHSA-2023:5964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5976", "reference_id": "RHSA-2023:5976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6346", "reference_id": "RHSA-2023:6346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6363", "reference_id": "RHSA-2023:6363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6402", "reference_id": "RHSA-2023:6402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6420", "reference_id": "RHSA-2023:6420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6473", "reference_id": "RHSA-2023:6473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6474", "reference_id": "RHSA-2023:6474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6832", "reference_id": "RHSA-2023:6832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6832" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6938", "reference_id": "RHSA-2023:6938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6939", "reference_id": "RHSA-2023:6939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" }, { "reference_url": "https://usn.ubuntu.com/6140-1/", "reference_id": "USN-6140-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6140-1/" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8", "reference_id": "Xdv6JL9ENs8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2023-24534" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ufj-v5z1-huec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35858?format=api", "vulnerability_id": "VCID-5kkq-5jpf-fqev", "summary": "Multiple vulnerabilities have been discovered in HashiCorp Consul, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41717.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41717.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41717", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56013", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.55983", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56033", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.55971", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.55923", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.55974", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.55999", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.55979", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56052", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56079", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56076", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56041", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56058", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56078", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56067", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56064", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56734", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0034", "scoring_system": "epss", "scoring_elements": "0.56798", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41717" }, { "reference_url": "https://cs.opensource.google/go/x/net", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cs.opensource.google/go/x/net" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41717" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://go.dev/cl/455635", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/cl/455635" }, { "reference_url": "https://go.dev/cl/455717", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/cl/455717" }, { "reference_url": "https://go.dev/issue/56350", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/issue/56350" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU/m/yZDrXjIiBQAJ" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZSVEMQV5ROY5YW5QE3I57HT3ITWG5GCV" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41717" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-1144", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2022-1144" }, { "reference_url": "https://security.gentoo.org/glsa/202311-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202311-09" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274", "reference_id": "2161274", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161274" }, { "reference_url": "https://security.gentoo.org/glsa/202409-28", "reference_id": "GLSA-202409-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-28" }, { "reference_url": "https://security.gentoo.org/glsa/202409-29", "reference_id": "GLSA-202409-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202409-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0328", "reference_id": "RHSA-2023:0328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0446", "reference_id": "RHSA-2023:0446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0584", "reference_id": "RHSA-2023:0584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0632", "reference_id": "RHSA-2023:0632", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0632" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0692", "reference_id": "RHSA-2023:0692", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0692" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0693", "reference_id": "RHSA-2023:0693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0728", "reference_id": "RHSA-2023:0728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0769", "reference_id": "RHSA-2023:0769", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0769" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0774", "reference_id": "RHSA-2023:0774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0899", "reference_id": "RHSA-2023:0899", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0899" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0918", "reference_id": "RHSA-2023:0918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0930", "reference_id": "RHSA-2023:0930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0931", "reference_id": "RHSA-2023:0931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0932", "reference_id": "RHSA-2023:0932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0934", "reference_id": "RHSA-2023:0934", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0934" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1030", "reference_id": "RHSA-2023:1030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1079", "reference_id": "RHSA-2023:1079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1154", "reference_id": "RHSA-2023:1154", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1154" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1174", "reference_id": "RHSA-2023:1174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1179", "reference_id": "RHSA-2023:1179", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1179" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1181", "reference_id": "RHSA-2023:1181", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1181" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1268", "reference_id": "RHSA-2023:1268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1275", "reference_id": "RHSA-2023:1275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1276", "reference_id": "RHSA-2023:1276", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1276" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1310", "reference_id": "RHSA-2023:1310", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1325", "reference_id": "RHSA-2023:1325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1326", "reference_id": "RHSA-2023:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1327", "reference_id": "RHSA-2023:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1328", "reference_id": "RHSA-2023:1328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1329", "reference_id": "RHSA-2023:1329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1372", "reference_id": "RHSA-2023:1372", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1448", "reference_id": "RHSA-2023:1448", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1529", "reference_id": "RHSA-2023:1529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1816", "reference_id": "RHSA-2023:1816", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1817", "reference_id": "RHSA-2023:1817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2204", "reference_id": "RHSA-2023:2204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2222", "reference_id": "RHSA-2023:2222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2222" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2236", "reference_id": "RHSA-2023:2236", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2236" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2253", "reference_id": "RHSA-2023:2253", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2253" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2282", "reference_id": "RHSA-2023:2282", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2282" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2283", "reference_id": "RHSA-2023:2283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2357", "reference_id": "RHSA-2023:2357", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2357" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2367", "reference_id": "RHSA-2023:2367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2758", "reference_id": "RHSA-2023:2758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2780", "reference_id": "RHSA-2023:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2802", "reference_id": "RHSA-2023:2802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2866", "reference_id": "RHSA-2023:2866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3204", "reference_id": "RHSA-2023:3204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3205", "reference_id": "RHSA-2023:3205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3612", "reference_id": "RHSA-2023:3612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3910", "reference_id": "RHSA-2023:3910", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3914", "reference_id": "RHSA-2023:3914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4090", "reference_id": "RHSA-2023:4090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4091", "reference_id": "RHSA-2023:4091", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4091" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4470", "reference_id": "RHSA-2023:4470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5982", "reference_id": "RHSA-2023:5982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6420", "reference_id": "RHSA-2023:6420", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6420" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6818", "reference_id": "RHSA-2023:6818", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0746", "reference_id": "RHSA-2024:0746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0746" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923832?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.4-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.4-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-41717", "GHSA-xrjj-mj9h-534m" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5kkq-5jpf-fqev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36646?format=api", "vulnerability_id": "VCID-6189-d1tw-bfcp", "summary": "Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30630.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30630.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30630", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11554", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1149", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11482", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11541", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11551", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11517", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11486", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11347", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11471", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11307", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11237", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11371", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11429", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11396", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11437", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11609", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11398", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13913", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13886", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30630" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371", "reference_id": "2107371", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371" }, { "reference_url": "https://go.dev/cl/417065", "reference_id": "417065", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:38:26Z/" } ], "url": "https://go.dev/cl/417065" }, { "reference_url": "https://go.dev/issue/53415", "reference_id": "53415", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:38:26Z/" } ], "url": "https://go.dev/issue/53415" }, { "reference_url": "https://go.googlesource.com/go/+/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59", "reference_id": "fa2d41d0ca736f3ad6b200b2a4e134364e9acc59", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:38:26Z/" } ], "url": "https://go.googlesource.com/go/+/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59" }, { "reference_url": "https://security.gentoo.org/glsa/202208-02", "reference_id": "GLSA-202208-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-02" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0527", "reference_id": "GO-2022-0527", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:38:26Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0527" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", "reference_id": "nqrv9fbR0zE", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:38:26Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5775", "reference_id": "RHSA-2022:5775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5799", "reference_id": "RHSA-2022:5799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5866", "reference_id": "RHSA-2022:5866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6040", "reference_id": "RHSA-2022:6040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6042", "reference_id": "RHSA-2022:6042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6113", "reference_id": "RHSA-2022:6113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6152", "reference_id": "RHSA-2022:6152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6188", "reference_id": "RHSA-2022:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6283", "reference_id": "RHSA-2022:6283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6430", "reference_id": "RHSA-2022:6430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7129", "reference_id": "RHSA-2022:7129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7519", "reference_id": "RHSA-2022:7519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7529", "reference_id": "RHSA-2022:7529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7648", "reference_id": "RHSA-2022:7648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8057", "reference_id": "RHSA-2022:8057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8098", "reference_id": "RHSA-2022:8098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8250", "reference_id": "RHSA-2022:8250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9047", "reference_id": "RHSA-2022:9047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0407", "reference_id": "RHSA-2023:0407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0408", "reference_id": "RHSA-2023:0408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1275", "reference_id": "RHSA-2023:1275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1529", "reference_id": "RHSA-2023:1529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2357", "reference_id": "RHSA-2023:2357", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2357" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2758", "reference_id": "RHSA-2023:2758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2802", "reference_id": "RHSA-2023:2802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2180", "reference_id": "RHSA-2024:2180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2180" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923827?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19~rc2-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19~rc2-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-30630" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6189-d1tw-bfcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36652?format=api", "vulnerability_id": "VCID-65mk-w8rx-zucs", "summary": "Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32189.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32189.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32189", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.2997", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.30018", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29831", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29894", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.2993", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29935", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29889", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.2984", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29857", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29837", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29456", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29468", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29391", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29791", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29714", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29601", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29538", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29393", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.2988", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29954", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32189" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814", "reference_id": "2113814", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2113814" }, { "reference_url": "https://security.gentoo.org/glsa/202208-02", "reference_id": "GLSA-202208-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7129", "reference_id": "RHSA-2022:7129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7398", "reference_id": "RHSA-2022:7398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7548", "reference_id": "RHSA-2022:7548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7950", "reference_id": "RHSA-2022:7950", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7950" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8534", "reference_id": "RHSA-2022:8534", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8534" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8535", "reference_id": "RHSA-2022:8535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8626", "reference_id": "RHSA-2022:8626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8781", "reference_id": "RHSA-2022:8781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0328", "reference_id": "RHSA-2023:0328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0446", "reference_id": "RHSA-2023:0446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0584", "reference_id": "RHSA-2023:0584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0693", "reference_id": "RHSA-2023:0693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1275", "reference_id": "RHSA-2023:1275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1529", "reference_id": "RHSA-2023:1529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2193", "reference_id": "RHSA-2023:2193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2236", "reference_id": "RHSA-2023:2236", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2236" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2357", "reference_id": "RHSA-2023:2357", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2357" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2758", "reference_id": "RHSA-2023:2758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2802", "reference_id": "RHSA-2023:2802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3204", "reference_id": "RHSA-2023:3204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3205", "reference_id": "RHSA-2023:3205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:4128", "reference_id": "RHSA-2026:4128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:4128" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923830?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-32189" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-65mk-w8rx-zucs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64344?format=api", "vulnerability_id": "VCID-6a6z-bq7m-c3gf", "summary": "crypto/x509: Panic in name constraint checking for malformed certificates in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05245", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05813", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05749", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05788", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05792", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05784", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05778", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05741", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05894", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08498", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09868", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0979", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09957", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10025", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09998", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10037", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09952", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09915", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27138" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445344", "reference_id": "2445344", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445344" }, { "reference_url": "https://go.dev/cl/752183", "reference_id": "752183", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://go.dev/cl/752183" }, { "reference_url": "https://go.dev/issue/77953", "reference_id": "77953", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://go.dev/issue/77953" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "reference_id": "EdhZqrQ98hk", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4600", "reference_id": "GO-2026-4600", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4600" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7291", "reference_id": "RHSA-2026:7291", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7291" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-27138" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6a6z-bq7m-c3gf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64686?format=api", "vulnerability_id": "VCID-6rkv-zkwa-mqhf", "summary": "os: os: Information disclosure via path traversal using specially crafted filenames", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22873.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22873", "reference_id": "", "reference_type": "", "scores": [ { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.0013", "published_at": "2026-05-14T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00101", "published_at": "2026-04-08T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00102", "published_at": "2026-04-12T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00133", "published_at": "2026-04-18T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00132", "published_at": "2026-05-07T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00136", "published_at": "2026-04-26T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00134", "published_at": "2026-04-29T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00131", "published_at": "2026-05-09T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00129", "published_at": "2026-05-12T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00148", "published_at": "2026-04-04T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00178", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22873" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104816", "reference_id": "1104816", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104816" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436992", "reference_id": "2436992", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436992" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ", "reference_id": "5WDxKizJAQAJ", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T15:03:11Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ" }, { "reference_url": "https://go.dev/cl/670036", "reference_id": "670036", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T15:03:11Z/" } ], "url": "https://go.dev/cl/670036" }, { "reference_url": "https://go.dev/issue/73555", "reference_id": "73555", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T15:03:11Z/" } ], "url": "https://go.dev/issue/73555" }, { "reference_url": "https://security.archlinux.org/ASA-202505-12", "reference_id": "ASA-202505-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202505-12" }, { "reference_url": "https://security.archlinux.org/AVG-2878", "reference_id": "AVG-2878", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2878" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4403", "reference_id": "GO-2026-4403", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T15:03:11Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7291", "reference_id": "RHSA-2026:7291", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7291" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7385", "reference_id": "RHSA-2026:7385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7385" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-22873" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6rkv-zkwa-mqhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95273?format=api", "vulnerability_id": "VCID-6tuu-4j3g-37fh", "summary": "Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavior to set a value for a different environment variable. For example, the environment variable string \"A=B\\x00C=D\" sets the variables \"A=B\" and \"C=D\".", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41716", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02392", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02267", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02347", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02325", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02318", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02362", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02335", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02339", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02378", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02373", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02369", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02272", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0227", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02294", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02276", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02263", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02261", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02243", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02253", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41716" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41716", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41716" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://go.dev/cl/446916", "reference_id": "446916", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T14:02:04Z/" } ], "url": "https://go.dev/cl/446916" }, { "reference_url": "https://go.dev/issue/56284", "reference_id": "56284", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T14:02:04Z/" } ], "url": "https://go.dev/issue/56284" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-1095", "reference_id": "GO-2022-1095", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T14:02:04Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2022-1095" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/mbHY1UY3BaM/m/hSpmRzk-AgAJ", "reference_id": "hSpmRzk-AgAJ", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T14:02:04Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/mbHY1UY3BaM/m/hSpmRzk-AgAJ" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923831?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.3-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.3-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-41716" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6tuu-4j3g-37fh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36651?format=api", "vulnerability_id": "VCID-81aw-mk9s-eydd", "summary": "Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32148.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32148.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32148", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17672", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17589", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17605", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17558", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17505", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17449", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17458", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17496", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17406", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17382", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17314", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17177", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17267", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17363", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17332", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17718", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17438", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.1753", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17833", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17916", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32148" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32148" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383", "reference_id": "2107383", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107383" }, { "reference_url": "https://go.dev/cl/412857", "reference_id": "412857", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-23T08:15:49Z/" } ], "url": "https://go.dev/cl/412857" }, { "reference_url": "https://go.dev/issue/53423", "reference_id": "53423", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-23T08:15:49Z/" } ], "url": "https://go.dev/issue/53423" }, { "reference_url": "https://go.googlesource.com/go/+/b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a", "reference_id": "b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-23T08:15:49Z/" } ], "url": "https://go.googlesource.com/go/+/b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a" }, { "reference_url": "https://security.gentoo.org/glsa/202208-02", "reference_id": "GLSA-202208-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-02" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0520", "reference_id": "GO-2022-0520", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-23T08:15:49Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0520" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", "reference_id": "nqrv9fbR0zE", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-23T08:15:49Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5775", "reference_id": "RHSA-2022:5775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5799", "reference_id": "RHSA-2022:5799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5866", "reference_id": "RHSA-2022:5866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6040", "reference_id": "RHSA-2022:6040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6042", "reference_id": "RHSA-2022:6042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6113", "reference_id": "RHSA-2022:6113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6152", "reference_id": "RHSA-2022:6152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6183", "reference_id": "RHSA-2022:6183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6188", "reference_id": "RHSA-2022:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6283", "reference_id": "RHSA-2022:6283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6344", "reference_id": "RHSA-2022:6344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6430", "reference_id": "RHSA-2022:6430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7129", "reference_id": "RHSA-2022:7129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7398", "reference_id": "RHSA-2022:7398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7399", "reference_id": "RHSA-2022:7399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7519", "reference_id": "RHSA-2022:7519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7529", "reference_id": "RHSA-2022:7529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7648", "reference_id": "RHSA-2022:7648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8057", "reference_id": "RHSA-2022:8057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8250", "reference_id": "RHSA-2022:8250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8626", "reference_id": "RHSA-2022:8626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9047", "reference_id": "RHSA-2022:9047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0407", "reference_id": "RHSA-2023:0407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0408", "reference_id": "RHSA-2023:0408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1275", "reference_id": "RHSA-2023:1275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2357", "reference_id": "RHSA-2023:2357", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2357" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2758", "reference_id": "RHSA-2023:2758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2802", "reference_id": "RHSA-2023:2802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923826?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19~rc1-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19~rc1-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-32148" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81aw-mk9s-eydd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36649?format=api", "vulnerability_id": "VCID-86mk-kwg6-63h6", "summary": "Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30633.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30633.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30633", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26617", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26302", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26468", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26475", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26445", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26407", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26342", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26335", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26284", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26154", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2622", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26276", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26204", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26662", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26447", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26516", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26565", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26571", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26526", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392", "reference_id": "2107392", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107392" }, { "reference_url": "https://go.dev/cl/417061", "reference_id": "417061", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-09T16:53:05Z/" } ], "url": "https://go.dev/cl/417061" }, { "reference_url": "https://go.dev/issue/53611", "reference_id": "53611", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-09T16:53:05Z/" } ], "url": "https://go.dev/issue/53611" }, { "reference_url": "https://go.googlesource.com/go/+/c4c1993fd2a5b26fe45c09592af6d3388a3b2e08", "reference_id": "c4c1993fd2a5b26fe45c09592af6d3388a3b2e08", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-09T16:53:05Z/" } ], "url": "https://go.googlesource.com/go/+/c4c1993fd2a5b26fe45c09592af6d3388a3b2e08" }, { "reference_url": "https://security.gentoo.org/glsa/202208-02", "reference_id": "GLSA-202208-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-02" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0523", "reference_id": "GO-2022-0523", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-09T16:53:05Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0523" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", "reference_id": "nqrv9fbR0zE", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-09T16:53:05Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5775", "reference_id": "RHSA-2022:5775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5799", "reference_id": "RHSA-2022:5799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5866", "reference_id": "RHSA-2022:5866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6040", "reference_id": "RHSA-2022:6040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6042", "reference_id": "RHSA-2022:6042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6113", "reference_id": "RHSA-2022:6113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6152", "reference_id": "RHSA-2022:6152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6188", "reference_id": "RHSA-2022:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6283", "reference_id": "RHSA-2022:6283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7519", "reference_id": "RHSA-2022:7519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7529", "reference_id": "RHSA-2022:7529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8057", "reference_id": "RHSA-2022:8057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9047", "reference_id": "RHSA-2022:9047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0407", "reference_id": "RHSA-2023:0407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0408", "reference_id": "RHSA-2023:0408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2758", "reference_id": "RHSA-2023:2758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2802", "reference_id": "RHSA-2023:2802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923827?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19~rc2-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19~rc2-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-30633" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-86mk-kwg6-63h6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79263?format=api", "vulnerability_id": "VCID-as38-uuy9-5qhu", "summary": "golang: go/parser: stack exhaustion in all Parse* functions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1962.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1962.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1962", "reference_id": "", "reference_type": "", "scores": [ { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00217", "published_at": "2026-04-08T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00219", "published_at": "2026-04-11T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00223", "published_at": "2026-05-11T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.0022", "published_at": "2026-05-14T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00218", "published_at": "2026-04-13T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00216", "published_at": "2026-04-09T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00221", "published_at": "2026-04-18T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00228", "published_at": "2026-04-26T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00229", "published_at": "2026-04-24T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00226", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1962" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376", "reference_id": "2107376", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107376" }, { "reference_url": "https://go.dev/cl/417063", "reference_id": "417063", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T19:32:02Z/" } ], "url": "https://go.dev/cl/417063" }, { "reference_url": "https://go.dev/issue/53616", "reference_id": "53616", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T19:32:02Z/" } ], "url": "https://go.dev/issue/53616" }, { "reference_url": "https://go.googlesource.com/go/+/695be961d57508da5a82217f7415200a11845879", "reference_id": "695be961d57508da5a82217f7415200a11845879", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T19:32:02Z/" } ], "url": "https://go.googlesource.com/go/+/695be961d57508da5a82217f7415200a11845879" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0515", "reference_id": "GO-2022-0515", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T19:32:02Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0515" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", "reference_id": "nqrv9fbR0zE", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T19:32:02Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5775", "reference_id": "RHSA-2022:5775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5799", "reference_id": "RHSA-2022:5799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5866", "reference_id": "RHSA-2022:5866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6040", "reference_id": "RHSA-2022:6040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6042", "reference_id": "RHSA-2022:6042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6113", "reference_id": "RHSA-2022:6113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6152", "reference_id": "RHSA-2022:6152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6188", "reference_id": "RHSA-2022:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6283", "reference_id": "RHSA-2022:6283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6430", "reference_id": "RHSA-2022:6430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7519", "reference_id": "RHSA-2022:7519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7529", "reference_id": "RHSA-2022:7529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8057", "reference_id": "RHSA-2022:8057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9047", "reference_id": "RHSA-2022:9047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0407", "reference_id": "RHSA-2023:0407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0408", "reference_id": "RHSA-2023:0408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2758", "reference_id": "RHSA-2023:2758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2802", "reference_id": "RHSA-2023:2802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0778", "reference_id": "RHSA-2024:0778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1027", "reference_id": "RHSA-2024:1027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1433", "reference_id": "RHSA-2024:1433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1433" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923827?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19~rc2-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19~rc2-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-1962" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-as38-uuy9-5qhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48340?format=api", "vulnerability_id": "VCID-azr4-u36f-pbew", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27664.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27664.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27932", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32448", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32438", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32375", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32514", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32861", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.33036", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.3235", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33191", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33503", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33536", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.3353", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33488", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33464", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.335", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33475", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33442", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33281", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33261", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33111", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27664" }, { "reference_url": "https://cs.opensource.google/go/x/net", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://cs.opensource.google/go/x/net" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://go.dev/cl/428735", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/cl/428735" }, { "reference_url": "https://go.dev/issue/54658", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/issue/54658" }, { "reference_url": "https://groups.google.com/g/golang-announce", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/golang-announce" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/g/golang-announce/c/x49AQzIVX-s" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXKTHIGE5F576MAPFYCIJXNRGBSPISUF" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXS2OQ57KZC5XZKK5UW4SYKPVQAHIOJX" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-27664" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0969", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0969" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20220923-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20220923-0004" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669", "reference_id": "2124669", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124669" }, { "reference_url": "https://security.gentoo.org/glsa/202209-26", "reference_id": "GLSA-202209-26", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.gentoo.org/glsa/202209-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7129", "reference_id": "RHSA-2022:7129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7398", "reference_id": "RHSA-2022:7398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8535", "reference_id": "RHSA-2022:8535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8626", "reference_id": "RHSA-2022:8626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8634", "reference_id": "RHSA-2022:8634", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8634" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8781", "reference_id": "RHSA-2022:8781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0264", "reference_id": "RHSA-2023:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0328", "reference_id": "RHSA-2023:0328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0446", "reference_id": "RHSA-2023:0446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0584", "reference_id": "RHSA-2023:0584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0693", "reference_id": "RHSA-2023:0693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0708", "reference_id": "RHSA-2023:0708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0709", "reference_id": "RHSA-2023:0709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1275", "reference_id": "RHSA-2023:1275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1529", "reference_id": "RHSA-2023:1529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2167", "reference_id": "RHSA-2023:2167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2177", "reference_id": "RHSA-2023:2177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2193", "reference_id": "RHSA-2023:2193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2204", "reference_id": "RHSA-2023:2204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2236", "reference_id": "RHSA-2023:2236", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2236" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2357", "reference_id": "RHSA-2023:2357", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2357" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2758", "reference_id": "RHSA-2023:2758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2780", "reference_id": "RHSA-2023:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2784", "reference_id": "RHSA-2023:2784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2785", "reference_id": "RHSA-2023:2785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2802", "reference_id": "RHSA-2023:2802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3204", "reference_id": "RHSA-2023:3204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3205", "reference_id": "RHSA-2023:3205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3613", "reference_id": "RHSA-2023:3613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4674", "reference_id": "RHSA-2023:4674", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4674" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4734", "reference_id": "RHSA-2023:4734", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4734" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5009", "reference_id": "RHSA-2023:5009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0121", "reference_id": "RHSA-2024:0121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" }, { "reference_url": "https://usn.ubuntu.com/8089-1/", "reference_id": "USN-8089-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8089-1/" }, { "reference_url": "https://usn.ubuntu.com/8089-2/", "reference_id": "USN-8089-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8089-2/" }, { "reference_url": "https://usn.ubuntu.com/8089-3/", "reference_id": "USN-8089-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8089-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923828?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.1-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.1-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-27664", "GHSA-69cg-p879-7622" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-azr4-u36f-pbew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42107?format=api", "vulnerability_id": "VCID-b9yc-jqye-afan", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24536.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24536.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1627", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16239", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16162", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19125", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18993", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19131", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19072", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1901", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18988", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19032", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19085", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19738", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19829", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21688", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.2163", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21486", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21373", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21468", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2148", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24536" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184482", "reference_id": "2184482", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184482" }, { "reference_url": "https://go.dev/cl/482075", "reference_id": "482075", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/" } ], "url": "https://go.dev/cl/482075" }, { "reference_url": "https://go.dev/cl/482076", "reference_id": "482076", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/" } ], "url": "https://go.dev/cl/482076" }, { "reference_url": "https://go.dev/cl/482077", "reference_id": "482077", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/" } ], "url": "https://go.dev/cl/482077" }, { "reference_url": "https://go.dev/issue/59153", "reference_id": "59153", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/" } ], "url": "https://go.dev/issue/59153" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2023-1705", "reference_id": "GO-2023-1705", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2023-1705" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20230526-0007/", "reference_id": "ntap-20230526-0007", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20230526-0007/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3167", "reference_id": "RHSA-2023:3167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3318", "reference_id": "RHSA-2023:3318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3319", "reference_id": "RHSA-2023:3319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3367", "reference_id": "RHSA-2023:3367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3445", "reference_id": "RHSA-2023:3445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3450", "reference_id": "RHSA-2023:3450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3455", "reference_id": "RHSA-2023:3455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3536", "reference_id": "RHSA-2023:3536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3540", "reference_id": "RHSA-2023:3540", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3612", "reference_id": "RHSA-2023:3612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3624", "reference_id": "RHSA-2023:3624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3918", "reference_id": "RHSA-2023:3918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3943", "reference_id": "RHSA-2023:3943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4003", "reference_id": "RHSA-2023:4003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4335", "reference_id": "RHSA-2023:4335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4470", "reference_id": "RHSA-2023:4470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4627", "reference_id": "RHSA-2023:4627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4657", "reference_id": "RHSA-2023:4657", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4664", "reference_id": "RHSA-2023:4664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4664" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5964", "reference_id": "RHSA-2023:5964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6346", "reference_id": "RHSA-2023:6346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6363", "reference_id": "RHSA-2023:6363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6402", "reference_id": "RHSA-2023:6402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6473", "reference_id": "RHSA-2023:6473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6474", "reference_id": "RHSA-2023:6474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6938", "reference_id": "RHSA-2023:6938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6939", "reference_id": "RHSA-2023:6939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://usn.ubuntu.com/7109-1/", "reference_id": "USN-7109-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7109-1/" }, { "reference_url": "https://usn.ubuntu.com/7111-1/", "reference_id": "USN-7111-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7111-1/" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8", "reference_id": "Xdv6JL9ENs8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2023-24536" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b9yc-jqye-afan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42103?format=api", "vulnerability_id": "VCID-e44x-a9xm-6ke9", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41724.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41724.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41724", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05209", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05779", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05439", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05432", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05476", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05551", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0556", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05773", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05239", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05264", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05299", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0532", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05285", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05271", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05257", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05201", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05203", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05358", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05396", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05438", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41724" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41724", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41724" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492", "reference_id": "2178492", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492" }, { "reference_url": "https://go.dev/cl/468125", "reference_id": "468125", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:56:50Z/" } ], "url": "https://go.dev/cl/468125" }, { "reference_url": "https://go.dev/issue/58001", "reference_id": "58001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:56:50Z/" } ], "url": "https://go.dev/issue/58001" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2023-1570", "reference_id": "GO-2023-1570", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:56:50Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2023-1570" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0584", "reference_id": "RHSA-2023:0584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1325", "reference_id": "RHSA-2023:1325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1326", "reference_id": "RHSA-2023:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1329", "reference_id": "RHSA-2023:1329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1639", "reference_id": "RHSA-2023:1639", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1639" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1817", "reference_id": "RHSA-2023:1817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2107", "reference_id": "RHSA-2023:2107", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2107" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3083", "reference_id": "RHSA-2023:3083", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3083" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3167", "reference_id": "RHSA-2023:3167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3303", "reference_id": "RHSA-2023:3303", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3366", "reference_id": "RHSA-2023:3366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3445", "reference_id": "RHSA-2023:3445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3450", "reference_id": "RHSA-2023:3450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3455", "reference_id": "RHSA-2023:3455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3612", "reference_id": "RHSA-2023:3612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4003", "reference_id": "RHSA-2023:4003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4335", "reference_id": "RHSA-2023:4335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4470", "reference_id": "RHSA-2023:4470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4627", "reference_id": "RHSA-2023:4627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5935", "reference_id": "RHSA-2023:5935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5964", "reference_id": "RHSA-2023:5964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5976", "reference_id": "RHSA-2023:5976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6363", "reference_id": "RHSA-2023:6363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6380", "reference_id": "RHSA-2023:6380", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6380" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6402", "reference_id": "RHSA-2023:6402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6473", "reference_id": "RHSA-2023:6473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6474", "reference_id": "RHSA-2023:6474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6817", "reference_id": "RHSA-2023:6817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6938", "reference_id": "RHSA-2023:6938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6939", "reference_id": "RHSA-2023:6939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7672", "reference_id": "RHSA-2023:7672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://usn.ubuntu.com/6140-1/", "reference_id": "USN-6140-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6140-1/" }, { "reference_url": "https://usn.ubuntu.com/7109-1/", "reference_id": "USN-7109-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7109-1/" }, { "reference_url": "https://usn.ubuntu.com/7111-1/", "reference_id": "USN-7111-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7111-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923833?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.6-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.6-2%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-41724" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e44x-a9xm-6ke9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42109?format=api", "vulnerability_id": "VCID-evjj-hwvm-fbca", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24538.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24538.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70687", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00646", "scoring_system": "epss", "scoring_elements": "0.70668", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.70927", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.70869", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.70912", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.7095", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.70935", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.70919", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.70965", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.70972", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00654", "scoring_system": "epss", "scoring_elements": "0.70951", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73451", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73395", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73407", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73406", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73411", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73402", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00759", "scoring_system": "epss", "scoring_elements": "0.73428", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.73802", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0078", "scoring_system": "epss", "scoring_elements": "0.7386", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24538" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184481", "reference_id": "2184481", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184481" }, { "reference_url": "https://go.dev/cl/482079", "reference_id": "482079", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-12T17:02:13Z/" } ], "url": "https://go.dev/cl/482079" }, { "reference_url": "https://go.dev/issue/59234", "reference_id": "59234", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-12T17:02:13Z/" } ], "url": "https://go.dev/issue/59234" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2023-1703", "reference_id": "GO-2023-1703", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-12T17:02:13Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2023-1703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3318", "reference_id": "RHSA-2023:3318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3319", "reference_id": "RHSA-2023:3319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3323", "reference_id": "RHSA-2023:3323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3366", "reference_id": "RHSA-2023:3366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3367", "reference_id": "RHSA-2023:3367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3445", "reference_id": "RHSA-2023:3445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3450", "reference_id": "RHSA-2023:3450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3455", "reference_id": "RHSA-2023:3455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3536", "reference_id": "RHSA-2023:3536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3540", "reference_id": "RHSA-2023:3540", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3612", "reference_id": "RHSA-2023:3612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3624", "reference_id": "RHSA-2023:3624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3918", "reference_id": "RHSA-2023:3918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3943", "reference_id": "RHSA-2023:3943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4003", "reference_id": "RHSA-2023:4003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4335", "reference_id": "RHSA-2023:4335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4470", "reference_id": "RHSA-2023:4470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4627", "reference_id": "RHSA-2023:4627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4657", "reference_id": "RHSA-2023:4657", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4664", "reference_id": "RHSA-2023:4664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4664" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5964", "reference_id": "RHSA-2023:5964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6346", "reference_id": "RHSA-2023:6346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6363", "reference_id": "RHSA-2023:6363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6402", "reference_id": "RHSA-2023:6402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6473", "reference_id": "RHSA-2023:6473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6474", "reference_id": "RHSA-2023:6474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6938", "reference_id": "RHSA-2023:6938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6939", "reference_id": "RHSA-2023:6939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0746", "reference_id": "RHSA-2024:0746", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0746" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" }, { "reference_url": "https://usn.ubuntu.com/6140-1/", "reference_id": "USN-6140-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6140-1/" }, { "reference_url": "https://usn.ubuntu.com/7061-1/", "reference_id": "USN-7061-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7061-1/" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8", "reference_id": "Xdv6JL9ENs8", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-12T17:02:13Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2023-24538" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-evjj-hwvm-fbca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36648?format=api", "vulnerability_id": "VCID-g8y7-jdy7-afdh", "summary": "Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30632.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30632.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26617", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26662", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26447", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26516", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26565", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26571", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26526", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26468", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26475", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26445", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26407", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26302", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2622", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26276", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26204", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26284", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26154", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29798", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29685", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30632" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386", "reference_id": "2107386", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107386" }, { "reference_url": "https://security.gentoo.org/glsa/202208-02", "reference_id": "GLSA-202208-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5775", "reference_id": "RHSA-2022:5775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5799", "reference_id": "RHSA-2022:5799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5866", "reference_id": "RHSA-2022:5866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6040", "reference_id": "RHSA-2022:6040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6042", "reference_id": "RHSA-2022:6042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6113", "reference_id": "RHSA-2022:6113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6152", "reference_id": "RHSA-2022:6152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6188", "reference_id": "RHSA-2022:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6283", "reference_id": "RHSA-2022:6283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7058", "reference_id": "RHSA-2022:7058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7129", "reference_id": "RHSA-2022:7129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7519", "reference_id": "RHSA-2022:7519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7529", "reference_id": "RHSA-2022:7529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7648", "reference_id": "RHSA-2022:7648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8057", "reference_id": "RHSA-2022:8057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8098", "reference_id": "RHSA-2022:8098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8250", "reference_id": "RHSA-2022:8250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8634", "reference_id": "RHSA-2022:8634", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8634" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9047", "reference_id": "RHSA-2022:9047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0407", "reference_id": "RHSA-2023:0407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0408", "reference_id": "RHSA-2023:0408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1275", "reference_id": "RHSA-2023:1275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1529", "reference_id": "RHSA-2023:1529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2357", "reference_id": "RHSA-2023:2357", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2357" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2758", "reference_id": "RHSA-2023:2758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2802", "reference_id": "RHSA-2023:2802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2180", "reference_id": "RHSA-2024:2180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2180" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923827?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19~rc2-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19~rc2-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-30632" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g8y7-jdy7-afdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350604?format=api", "vulnerability_id": "VCID-gtys-5r5h-p7ht", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01399", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.0139", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01393", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.014", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01409", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01404", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01216", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01389", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01708", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01703", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01694", "published_at": "2026-05-12T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00211", "published_at": "2026-04-13T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00276", "published_at": "2026-04-08T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00274", "published_at": "2026-04-09T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00212", "published_at": "2026-04-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00967", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33810" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU", "reference_id": "0uYbvbPZRWU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335", "reference_id": "2456335", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335" }, { "reference_url": "https://go.dev/cl/763763", "reference_id": "763763", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/" } ], "url": "https://go.dev/cl/763763" }, { "reference_url": "https://go.dev/issue/78332", "reference_id": "78332", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/" } ], "url": "https://go.dev/issue/78332" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4866", "reference_id": "GO-2026-4866", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10155", "reference_id": "RHSA-2026:10155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10158", "reference_id": "RHSA-2026:10158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11330", "reference_id": "RHSA-2026:11330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11331", "reference_id": "RHSA-2026:11331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13545", "reference_id": "RHSA-2026:13545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13791", "reference_id": "RHSA-2026:13791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14391", "reference_id": "RHSA-2026:14391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7291", "reference_id": "RHSA-2026:7291", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7291" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9385", "reference_id": "RHSA-2026:9385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9385" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-33810" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gtys-5r5h-p7ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/258004?format=api", "vulnerability_id": "VCID-h2xu-3fm4-hkap", "summary": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24787", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86062", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85918", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85916", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.8591", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85928", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85933", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85924", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85945", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85954", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85974", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85996", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86014", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86011", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86024", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85854", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85871", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85875", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85894", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85904", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24787" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/08/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/08/3" }, { "reference_url": "https://go.dev/cl/583815", "reference_id": "583815", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "https://go.dev/cl/583815" }, { "reference_url": "https://go.dev/issue/67119", "reference_id": "67119", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "https://go.dev/issue/67119" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2024-2825", "reference_id": "GO-2024-2825", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2024-2825" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240531-0006/", "reference_id": "ntap-20240531-0006", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240531-0006/" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/wkkO4P9stm0", "reference_id": "wkkO4P9stm0", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/wkkO4P9stm0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-24787" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h2xu-3fm4-hkap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48341?format=api", "vulnerability_id": "VCID-h3bw-m2us-cbgz", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could result in denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32190.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32190.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32190", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24548", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24613", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24557", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24544", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24501", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24378", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24456", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24519", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24449", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24468", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38702", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3868", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38696", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38718", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38647", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38698", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38719", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38681", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38655", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32190" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668", "reference_id": "2124668", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124668" }, { "reference_url": "https://security.gentoo.org/glsa/202209-26", "reference_id": "GLSA-202209-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7398", "reference_id": "RHSA-2022:7398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7399", "reference_id": "RHSA-2022:7399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8634", "reference_id": "RHSA-2022:8634", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8634" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0264", "reference_id": "RHSA-2023:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0584", "reference_id": "RHSA-2023:0584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0693", "reference_id": "RHSA-2023:0693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3204", "reference_id": "RHSA-2023:3204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3205", "reference_id": "RHSA-2023:3205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3613", "reference_id": "RHSA-2023:3613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0485", "reference_id": "RHSA-2024:0485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0485" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923828?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.1-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.1-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-32190" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h3bw-m2us-cbgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357445?format=api", "vulnerability_id": "VCID-hzsm-8a8e-xyeu", "summary": "The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39836", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04714", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04706", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04717", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05555", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39836" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://go.dev/cl/775320", "reference_id": "775320", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/" } ], "url": "https://go.dev/cl/775320" }, { "reference_url": "https://go.dev/issue/79006", "reference_id": "79006", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/" } ], "url": "https://go.dev/issue/79006" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4971", "reference_id": "GO-2026-4971", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4971" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M", "reference_id": "qcCIEXso47M", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-39836" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hzsm-8a8e-xyeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69448?format=api", "vulnerability_id": "VCID-jsz8-cdt5-27f6", "summary": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22874.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22874.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22874", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06899", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06949", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22653", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22742", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22701", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22539", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22531", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22529", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22433", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22516", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22595", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22561", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22576", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22676", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22752", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22803", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22825", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22787", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22731", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22747", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22874" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107364", "reference_id": "1107364", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107364" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320", "reference_id": "2372320", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "reference_url": "https://go.dev/cl/670375", "reference_id": "670375", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/" } ], "url": "https://go.dev/cl/670375" }, { "reference_url": "https://go.dev/issue/73612", "reference_id": "73612", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/" } ], "url": "https://go.dev/issue/73612" }, { "reference_url": "https://security.archlinux.org/ASA-202506-4", "reference_id": "ASA-202506-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202506-4" }, { "reference_url": "https://security.archlinux.org/AVG-2896", "reference_id": "AVG-2896", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2896" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-3749", "reference_id": "GO-2025-3749", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-3749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10676", "reference_id": "RHSA-2025:10676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10676" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10677", "reference_id": "RHSA-2025:10677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13931", "reference_id": "RHSA-2025:13931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13932", "reference_id": "RHSA-2025:13932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14470", "reference_id": "RHSA-2025:14470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14472", "reference_id": "RHSA-2025:14472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14473", "reference_id": "RHSA-2025:14473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14476", "reference_id": "RHSA-2025:14476", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14479", "reference_id": "RHSA-2025:14479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14481", "reference_id": "RHSA-2025:14481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14484", "reference_id": "RHSA-2025:14484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17043", "reference_id": "RHSA-2025:17043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17730", "reference_id": "RHSA-2025:17730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17731", "reference_id": "RHSA-2025:17731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19003", "reference_id": "RHSA-2025:19003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19890", "reference_id": "RHSA-2025:19890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19890" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "reference_id": "ufZ8WpEsA3A", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-22874" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jsz8-cdt5-27f6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67452?format=api", "vulnerability_id": "VCID-kjf2-r6zt-zqg9", "summary": "net/http: CrossOriginProtection bypass in net/http", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47910.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47910.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47910", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01189", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01529", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01211", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01214", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.012", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01194", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01197", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01186", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01549", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01536", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.0153", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01523", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01521", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01518", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01195", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.0174", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01641", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01734", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02183", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47910" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116341", "reference_id": "1116341", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116341" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397528", "reference_id": "2397528", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397528" }, { "reference_url": "https://go.dev/cl/699275", "reference_id": "699275", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/" } ], "url": "https://go.dev/cl/699275" }, { "reference_url": "https://go.dev/issue/75054", "reference_id": "75054", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/" } ], "url": "https://go.dev/issue/75054" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ", "reference_id": "DJhMQ-m5AQAJ", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-3955", "reference_id": "GO-2025-3955", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-3955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7291", "reference_id": "RHSA-2026:7291", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7291" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7385", "reference_id": "RHSA-2026:7385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7385" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-47910" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kjf2-r6zt-zqg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71945?format=api", "vulnerability_id": "VCID-nwsd-53hk-ffhr", "summary": "crypto/x509: ParsePKCS1PrivateKey panic with partial keys in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22865.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22865.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22321", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22364", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22214", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22201", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22193", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22088", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22168", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22247", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22216", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22239", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2255", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22421", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22475", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22495", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22453", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22398", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22416", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22414", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342464", "reference_id": "2342464", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342464" }, { "reference_url": "https://go.dev/cl/643098", "reference_id": "643098", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-28T14:58:11Z/" } ], "url": "https://go.dev/cl/643098" }, { "reference_url": "https://go.dev/issue/71216", "reference_id": "71216", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-28T14:58:11Z/" } ], "url": "https://go.dev/issue/71216" }, { "reference_url": "https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ", "reference_id": "bk9LAa-lCgAJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-28T14:58:11Z/" } ], "url": "https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-3421", "reference_id": "GO-2025-3421", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-28T14:58:11Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-3421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11749", "reference_id": "RHSA-2025:11749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11889", "reference_id": "RHSA-2025:11889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11889" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-22865" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nwsd-53hk-ffhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64346?format=api", "vulnerability_id": "VCID-pcez-y67t-8yg3", "summary": "net/url: Incorrect parsing of IPv6 host literals in net/url", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25679", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08816", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08768", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09802", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09672", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09743", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09793", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09771", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09754", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.0964", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09612", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13678", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15881", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.15853", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.15964", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16065", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16041", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16074", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16017", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.15973", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16013", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356", "reference_id": "2445356", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356" }, { "reference_url": "https://go.dev/cl/752180", "reference_id": "752180", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://go.dev/cl/752180" }, { "reference_url": "https://go.dev/issue/77578", "reference_id": "77578", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://go.dev/issue/77578" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "reference_id": "EdhZqrQ98hk", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4601", "reference_id": "GO-2026-4601", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10065", "reference_id": "RHSA-2026:10065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10065" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10125", "reference_id": "RHSA-2026:10125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10133", "reference_id": "RHSA-2026:10133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10140", "reference_id": "RHSA-2026:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10141", "reference_id": "RHSA-2026:10141", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10158", "reference_id": "RHSA-2026:10158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10169", "reference_id": "RHSA-2026:10169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10175", "reference_id": "RHSA-2026:10175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10184", "reference_id": "RHSA-2026:10184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10225", "reference_id": "RHSA-2026:10225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10250", "reference_id": "RHSA-2026:10250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10701", "reference_id": "RHSA-2026:10701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10712", "reference_id": "RHSA-2026:10712", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10929", "reference_id": "RHSA-2026:10929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11217", "reference_id": "RHSA-2026:11217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11331", "reference_id": "RHSA-2026:11331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11375", "reference_id": "RHSA-2026:11375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11412", "reference_id": "RHSA-2026:11412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11413", "reference_id": "RHSA-2026:11413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11686", "reference_id": "RHSA-2026:11686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11688", "reference_id": "RHSA-2026:11688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11747", "reference_id": "RHSA-2026:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11749", "reference_id": "RHSA-2026:11749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11768", "reference_id": "RHSA-2026:11768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11800", "reference_id": "RHSA-2026:11800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11856", "reference_id": "RHSA-2026:11856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11916", "reference_id": "RHSA-2026:11916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11916" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11996", "reference_id": "RHSA-2026:11996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12028", "reference_id": "RHSA-2026:12028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12029", "reference_id": "RHSA-2026:12029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12030", "reference_id": "RHSA-2026:12030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12031", "reference_id": "RHSA-2026:12031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12032", "reference_id": "RHSA-2026:12032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12033", "reference_id": "RHSA-2026:12033", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12282", "reference_id": "RHSA-2026:12282", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12282" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13508", "reference_id": "RHSA-2026:13508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13512", "reference_id": "RHSA-2026:13512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13545", "reference_id": "RHSA-2026:13545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13642", "reference_id": "RHSA-2026:13642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13643", "reference_id": "RHSA-2026:13643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13643" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13671", "reference_id": "RHSA-2026:13671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13791", "reference_id": "RHSA-2026:13791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14020", "reference_id": "RHSA-2026:14020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14100", "reference_id": "RHSA-2026:14100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14774", "reference_id": "RHSA-2026:14774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14868", "reference_id": "RHSA-2026:14868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14879", "reference_id": "RHSA-2026:14879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15091", "reference_id": "RHSA-2026:15091", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15091" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16102", "reference_id": "RHSA-2026:16102", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16102" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16696", "reference_id": "RHSA-2026:16696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16874", "reference_id": "RHSA-2026:16874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16875", "reference_id": "RHSA-2026:16875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17040", "reference_id": "RHSA-2026:17040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17084", "reference_id": "RHSA-2026:17084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17084" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17287", "reference_id": "RHSA-2026:17287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5110", "reference_id": "RHSA-2026:5110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5549", "reference_id": "RHSA-2026:5549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5941", "reference_id": "RHSA-2026:5941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5942", "reference_id": "RHSA-2026:5942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5943", "reference_id": "RHSA-2026:5943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5944", "reference_id": "RHSA-2026:5944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6341", "reference_id": "RHSA-2026:6341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6344", "reference_id": "RHSA-2026:6344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6382", "reference_id": "RHSA-2026:6382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6383", "reference_id": "RHSA-2026:6383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6388", "reference_id": "RHSA-2026:6388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6564", "reference_id": "RHSA-2026:6564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6720", "reference_id": "RHSA-2026:6720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6802", "reference_id": "RHSA-2026:6802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6949", "reference_id": "RHSA-2026:6949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7005", "reference_id": "RHSA-2026:7005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7009", "reference_id": "RHSA-2026:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7011", "reference_id": "RHSA-2026:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7259", "reference_id": "RHSA-2026:7259", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7291", "reference_id": "RHSA-2026:7291", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7291" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7315", "reference_id": "RHSA-2026:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7328", "reference_id": "RHSA-2026:7328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7385", "reference_id": "RHSA-2026:7385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7385" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7665", "reference_id": "RHSA-2026:7665", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7669", "reference_id": "RHSA-2026:7669", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7674", "reference_id": "RHSA-2026:7674", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7674" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7833", "reference_id": "RHSA-2026:7833", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7833" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7834", "reference_id": "RHSA-2026:7834", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7834" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7876", "reference_id": "RHSA-2026:7876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7877", "reference_id": "RHSA-2026:7877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7878", "reference_id": "RHSA-2026:7878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7879", "reference_id": "RHSA-2026:7879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7883", "reference_id": "RHSA-2026:7883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7992", "reference_id": "RHSA-2026:7992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8151", "reference_id": "RHSA-2026:8151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8167", "reference_id": "RHSA-2026:8167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8314", "reference_id": "RHSA-2026:8314", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8314" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8322", "reference_id": "RHSA-2026:8322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8324", "reference_id": "RHSA-2026:8324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8337", "reference_id": "RHSA-2026:8337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8338", "reference_id": "RHSA-2026:8338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8433", "reference_id": "RHSA-2026:8433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8434", "reference_id": "RHSA-2026:8434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8456", "reference_id": "RHSA-2026:8456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8483", "reference_id": "RHSA-2026:8483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8484", "reference_id": "RHSA-2026:8484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8490", "reference_id": "RHSA-2026:8490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8491", "reference_id": "RHSA-2026:8491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8493", "reference_id": "RHSA-2026:8493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8840", "reference_id": "RHSA-2026:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8841", "reference_id": "RHSA-2026:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8842", "reference_id": "RHSA-2026:8842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8845", "reference_id": "RHSA-2026:8845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8847", "reference_id": "RHSA-2026:8847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8848", "reference_id": "RHSA-2026:8848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8849", "reference_id": "RHSA-2026:8849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8851", "reference_id": "RHSA-2026:8851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8852", "reference_id": "RHSA-2026:8852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8853", "reference_id": "RHSA-2026:8853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8855", "reference_id": "RHSA-2026:8855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8856", "reference_id": "RHSA-2026:8856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8860", "reference_id": "RHSA-2026:8860", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8860" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8877", "reference_id": "RHSA-2026:8877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8878", "reference_id": "RHSA-2026:8878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8879", "reference_id": "RHSA-2026:8879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8881", "reference_id": "RHSA-2026:8881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8882", "reference_id": "RHSA-2026:8882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8930", "reference_id": "RHSA-2026:8930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8931", "reference_id": "RHSA-2026:8931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8949", "reference_id": "RHSA-2026:8949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9043", "reference_id": "RHSA-2026:9043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9044", "reference_id": "RHSA-2026:9044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9052", "reference_id": "RHSA-2026:9052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9090", "reference_id": "RHSA-2026:9090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9093", "reference_id": "RHSA-2026:9093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9094", "reference_id": "RHSA-2026:9094", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9094" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9097", "reference_id": "RHSA-2026:9097", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9097" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9098", "reference_id": "RHSA-2026:9098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9108", "reference_id": "RHSA-2026:9108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9109", "reference_id": "RHSA-2026:9109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9385", "reference_id": "RHSA-2026:9385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9385" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9434", "reference_id": "RHSA-2026:9434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9435", "reference_id": "RHSA-2026:9435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9436", "reference_id": "RHSA-2026:9436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9439", "reference_id": "RHSA-2026:9439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9440", "reference_id": "RHSA-2026:9440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9448", "reference_id": "RHSA-2026:9448", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9453", "reference_id": "RHSA-2026:9453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9461", "reference_id": "RHSA-2026:9461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9695", "reference_id": "RHSA-2026:9695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9742", "reference_id": "RHSA-2026:9742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9872", "reference_id": "RHSA-2026:9872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9872" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-25679" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pcez-y67t-8yg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36635?format=api", "vulnerability_id": "VCID-ps89-8u5a-kfc8", "summary": "Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1705.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1705.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11998", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11944", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11973", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16652", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16637", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16867", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16737", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16791", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16771", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16727", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1667", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16606", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16615", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16653", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16555", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16544", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16509", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16374", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17131", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17043", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1705" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374", "reference_id": "2107374", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107374" }, { "reference_url": "https://go.dev/cl/409874", "reference_id": "409874", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:38:47Z/" } ], "url": "https://go.dev/cl/409874" }, { "reference_url": "https://go.dev/cl/410714", "reference_id": "410714", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:38:47Z/" } ], "url": "https://go.dev/cl/410714" }, { "reference_url": "https://go.dev/issue/53188", "reference_id": "53188", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:38:47Z/" } ], "url": "https://go.dev/issue/53188" }, { "reference_url": "https://go.googlesource.com/go/+/e5017a93fcde94f09836200bca55324af037ee5f", "reference_id": "e5017a93fcde94f09836200bca55324af037ee5f", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:38:47Z/" } ], "url": "https://go.googlesource.com/go/+/e5017a93fcde94f09836200bca55324af037ee5f" }, { "reference_url": "https://security.gentoo.org/glsa/202208-02", "reference_id": "GLSA-202208-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-02" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0525", "reference_id": "GO-2022-0525", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:38:47Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0525" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", "reference_id": "nqrv9fbR0zE", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:38:47Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5068", "reference_id": "RHSA-2022:5068", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5068" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5775", "reference_id": "RHSA-2022:5775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5799", "reference_id": "RHSA-2022:5799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5866", "reference_id": "RHSA-2022:5866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6040", "reference_id": "RHSA-2022:6040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6042", "reference_id": "RHSA-2022:6042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6113", "reference_id": "RHSA-2022:6113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6152", "reference_id": "RHSA-2022:6152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6183", "reference_id": "RHSA-2022:6183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6187", "reference_id": "RHSA-2022:6187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6188", "reference_id": "RHSA-2022:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6283", "reference_id": "RHSA-2022:6283", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6283" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6344", "reference_id": "RHSA-2022:6344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6430", "reference_id": "RHSA-2022:6430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7129", "reference_id": "RHSA-2022:7129", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7129" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7398", "reference_id": "RHSA-2022:7398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7399", "reference_id": "RHSA-2022:7399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7519", "reference_id": "RHSA-2022:7519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7529", "reference_id": "RHSA-2022:7529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7648", "reference_id": "RHSA-2022:7648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8057", "reference_id": "RHSA-2022:8057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8098", "reference_id": "RHSA-2022:8098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8250", "reference_id": "RHSA-2022:8250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8626", "reference_id": "RHSA-2022:8626", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:9047", "reference_id": "RHSA-2022:9047", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:9047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0407", "reference_id": "RHSA-2023:0407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0408", "reference_id": "RHSA-2023:0408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1275", "reference_id": "RHSA-2023:1275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1529", "reference_id": "RHSA-2023:1529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2357", "reference_id": "RHSA-2023:2357", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2357" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2758", "reference_id": "RHSA-2023:2758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2802", "reference_id": "RHSA-2023:2802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923826?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19~rc1-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19~rc1-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-1705" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ps89-8u5a-kfc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48753?format=api", "vulnerability_id": "VCID-qemj-x1bx-h7gp", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24788.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24788.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35018", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35458", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35424", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.354", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3544", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35428", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35375", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3514", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35119", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3503", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.34908", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3498", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35017", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.34922", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.34948", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3548", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35504", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35387", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35433", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24788" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814", "reference_id": "2279814", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/08/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/08/3" }, { "reference_url": "https://go.dev/cl/578375", "reference_id": "578375", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://go.dev/cl/578375" }, { "reference_url": "https://go.dev/issue/66754", "reference_id": "66754", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://go.dev/issue/66754" }, { "reference_url": "https://security.gentoo.org/glsa/202408-07", "reference_id": "GLSA-202408-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-07" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2024-2824", "reference_id": "GO-2024-2824", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2024-2824" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240605-0002/", "reference_id": "ntap-20240605-0002", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240605-0002/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240614-0001/", "reference_id": "ntap-20240614-0001", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240614-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4616", "reference_id": "RHSA-2024:4616", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4697", "reference_id": "RHSA-2024:4697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4872", "reference_id": "RHSA-2024:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4982", "reference_id": "RHSA-2024:4982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5013", "reference_id": "RHSA-2024:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5291", "reference_id": "RHSA-2024:5291", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5291" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5547", "reference_id": "RHSA-2024:5547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6221", "reference_id": "RHSA-2024:6221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6341", "reference_id": "RHSA-2024:6341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6969", "reference_id": "RHSA-2024:6969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7548", "reference_id": "RHSA-2024:7548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9089", "reference_id": "RHSA-2024:9089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9115", "reference_id": "RHSA-2024:9115", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9135", "reference_id": "RHSA-2024:9135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9200", "reference_id": "RHSA-2024:9200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9277", "reference_id": "RHSA-2024:9277", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9277" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9485", "reference_id": "RHSA-2024:9485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9776", "reference_id": "RHSA-2025:9776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9776" }, { "reference_url": "https://usn.ubuntu.com/6886-1/", "reference_id": "USN-6886-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6886-1/" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/wkkO4P9stm0", "reference_id": "wkkO4P9stm0", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/wkkO4P9stm0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-24788" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qemj-x1bx-h7gp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78608?format=api", "vulnerability_id": "VCID-rcxs-y7sb-pyb2", "summary": "golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24532.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24532.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24532", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07235", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07571", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0732", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07469", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07536", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07519", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07535", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07279", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07258", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07313", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07339", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07337", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07324", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07315", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07245", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07241", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07368", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07325", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07331", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07305", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24532" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24532" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355", "reference_id": "2223355", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223355" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY", "reference_id": "3-TpUx48iQY", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T15:58:31Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/3-TpUx48iQY" }, { "reference_url": "https://go.dev/cl/471255", "reference_id": "471255", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T15:58:31Z/" } ], "url": "https://go.dev/cl/471255" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2023-1621", "reference_id": "GO-2023-1621", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-01T15:58:31Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2023-1621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3318", "reference_id": "RHSA-2023:3318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3319", "reference_id": "RHSA-2023:3319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4627", "reference_id": "RHSA-2023:4627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4657", "reference_id": "RHSA-2023:4657", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4892", "reference_id": "RHSA-2023:4892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5314", "reference_id": "RHSA-2023:5314", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5314" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5935", "reference_id": "RHSA-2023:5935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5947", "reference_id": "RHSA-2023:5947", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5947" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5976", "reference_id": "RHSA-2023:5976", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1383" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2023-24532" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rcxs-y7sb-pyb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42102?format=api", "vulnerability_id": "VCID-rtb8-bayb-dfbn", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41715.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41715.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03813", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03826", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03841", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03846", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0387", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03833", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03814", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03787", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03767", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03778", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03901", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03912", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03916", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03962", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03915", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03931", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03965", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03967", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03972", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03999", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41715" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41715" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872", "reference_id": "2132872", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2132872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7398", "reference_id": "RHSA-2022:7398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7399", "reference_id": "RHSA-2022:7399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8535", "reference_id": "RHSA-2022:8535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8781", "reference_id": "RHSA-2022:8781", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8781" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0264", "reference_id": "RHSA-2023:0264", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0328", "reference_id": "RHSA-2023:0328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0445", "reference_id": "RHSA-2023:0445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0446", "reference_id": "RHSA-2023:0446", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0446" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0584", "reference_id": "RHSA-2023:0584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0693", "reference_id": "RHSA-2023:0693", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0693" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0708", "reference_id": "RHSA-2023:0708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0709", "reference_id": "RHSA-2023:0709", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0727", "reference_id": "RHSA-2023:0727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1079", "reference_id": "RHSA-2023:1079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1174", "reference_id": "RHSA-2023:1174", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1174" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1275", "reference_id": "RHSA-2023:1275", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1529", "reference_id": "RHSA-2023:1529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2167", "reference_id": "RHSA-2023:2167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2204", "reference_id": "RHSA-2023:2204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2357", "reference_id": "RHSA-2023:2357", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2357" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2592", "reference_id": "RHSA-2023:2592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2780", "reference_id": "RHSA-2023:2780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2784", "reference_id": "RHSA-2023:2784", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2866", "reference_id": "RHSA-2023:2866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3205", "reference_id": "RHSA-2023:3205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3613", "reference_id": "RHSA-2023:3613", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3613" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4003", "reference_id": "RHSA-2023:4003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0121", "reference_id": "RHSA-2024:0121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2586", "reference_id": "RHSA-2024:2586", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2586" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2988", "reference_id": "RHSA-2024:2988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2988" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923829?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.2-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.2-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-41715" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rtb8-bayb-dfbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78663?format=api", "vulnerability_id": "VCID-sbxp-ce7p-23dm", "summary": "golang: path/filepath: path-filepath filepath.Clean path traversal", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41722.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41722.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41722", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56187", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56104", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00333", "scoring_system": "epss", "scoring_elements": "0.56128", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60127", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.6001", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60004", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60055", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60069", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.6009", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60075", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60058", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60097", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60104", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.6006", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60077", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60064", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60022", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41722" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2203008", "reference_id": "2203008", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2203008" }, { "reference_url": "https://go.dev/cl/468123", "reference_id": "468123", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:58:38Z/" } ], "url": "https://go.dev/cl/468123" }, { "reference_url": "https://go.dev/issue/57274", "reference_id": "57274", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:58:38Z/" } ], "url": "https://go.dev/issue/57274" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2023-1568", "reference_id": "GO-2023-1568", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:58:38Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2023-1568" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1325", "reference_id": "RHSA-2023:1325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3304", "reference_id": "RHSA-2023:3304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3366", "reference_id": "RHSA-2023:3366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3366" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923833?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.6-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.6-2%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-41722" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sbxp-ce7p-23dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30836?format=api", "vulnerability_id": "VCID-sdd3-35ng-g7a3", "summary": "golang.org/x/net vulnerable to Uncontrolled Resource Consumption\nA maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41723.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41723.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41723", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45165", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45264", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45189", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.49915", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.4994", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.49989", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.49942", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.49941", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00265", "scoring_system": "epss", "scoring_elements": "0.49857", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50711", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50673", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50648", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50689", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50674", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50656", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50669", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50715", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50721", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50701", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50636", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41723" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://go.dev/cl/468135", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://go.dev/cl/468135" }, { "reference_url": "https://go.dev/cl/468295", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://go.dev/cl/468295" }, { "reference_url": "https://go.dev/issue/57855", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://go.dev/issue/57855" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2023-1571", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2023-1571" }, { "reference_url": "https://security.gentoo.org/glsa/202311-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://security.gentoo.org/glsa/202311-09" }, { "reference_url": "https://vuln.go.dev/ID/GO-2023-1571.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://vuln.go.dev/ID/GO-2023-1571.json" }, { "reference_url": "https://www.couchbase.com/alerts", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.couchbase.com/alerts" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358", "reference_id": "2178358", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/", "reference_id": "4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/", "reference_id": "4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/", "reference_id": "REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/", "reference_id": "RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1325", "reference_id": "RHSA-2023:1325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1326", "reference_id": "RHSA-2023:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3083", "reference_id": "RHSA-2023:3083", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3083" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3167", "reference_id": "RHSA-2023:3167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3304", "reference_id": "RHSA-2023:3304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3305", "reference_id": "RHSA-2023:3305", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3367", "reference_id": "RHSA-2023:3367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3445", "reference_id": "RHSA-2023:3445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3447", "reference_id": "RHSA-2023:3447", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3447" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3450", "reference_id": "RHSA-2023:3450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3455", "reference_id": "RHSA-2023:3455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3495", "reference_id": "RHSA-2023:3495", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3495" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3537", "reference_id": "RHSA-2023:3537", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3537" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3612", "reference_id": "RHSA-2023:3612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3614", "reference_id": "RHSA-2023:3614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3918", "reference_id": "RHSA-2023:3918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3943", "reference_id": "RHSA-2023:3943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4003", "reference_id": "RHSA-2023:4003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4090", "reference_id": "RHSA-2023:4090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4091", "reference_id": "RHSA-2023:4091", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4091" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4112", "reference_id": "RHSA-2023:4112", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4112" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4113", "reference_id": "RHSA-2023:4113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4225", "reference_id": "RHSA-2023:4225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4226", "reference_id": "RHSA-2023:4226", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4226" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4293", "reference_id": "RHSA-2023:4293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4335", "reference_id": "RHSA-2023:4335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4421", "reference_id": "RHSA-2023:4421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4456", "reference_id": "RHSA-2023:4456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4603", "reference_id": "RHSA-2023:4603", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4603" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4627", "reference_id": "RHSA-2023:4627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4664", "reference_id": "RHSA-2023:4664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4664" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4731", "reference_id": "RHSA-2023:4731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5006", "reference_id": "RHSA-2023:5006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5007", "reference_id": "RHSA-2023:5007", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5007" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5233", "reference_id": "RHSA-2023:5233", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5233" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5314", "reference_id": "RHSA-2023:5314", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5314" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5672", "reference_id": "RHSA-2023:5672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6235", "reference_id": "RHSA-2023:6235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6248", "reference_id": "RHSA-2023:6248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6346", "reference_id": "RHSA-2023:6346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6363", "reference_id": "RHSA-2023:6363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6402", "reference_id": "RHSA-2023:6402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6473", "reference_id": "RHSA-2023:6473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6474", "reference_id": "RHSA-2023:6474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6832", "reference_id": "RHSA-2023:6832", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6832" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6938", "reference_id": "RHSA-2023:6938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6939", "reference_id": "RHSA-2023:6939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7058", "reference_id": "RHSA-2023:7058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7058" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7823", "reference_id": "RHSA-2023:7823", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7823" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0198", "reference_id": "RHSA-2024:0198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0485", "reference_id": "RHSA-2024:0485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0948", "reference_id": "RHSA-2024:0948", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0948" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3494", "reference_id": "RHSA-2024:3494", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3494" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4677", "reference_id": "RHSA-2024:4677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1116", "reference_id": "RHSA-2025:1116", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1116" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/", "reference_id": "RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/", "reference_id": "T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/" }, { "reference_url": "https://usn.ubuntu.com/7109-1/", "reference_id": "USN-7109-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7109-1/" }, { "reference_url": "https://usn.ubuntu.com/7111-1/", "reference_id": "USN-7111-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7111-1/" }, { "reference_url": "https://usn.ubuntu.com/8089-1/", "reference_id": "USN-8089-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8089-1/" }, { "reference_url": "https://usn.ubuntu.com/8089-2/", "reference_id": "USN-8089-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8089-2/" }, { "reference_url": "https://usn.ubuntu.com/8089-3/", "reference_id": "USN-8089-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8089-3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/", "reference_id": "XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923833?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.6-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.6-2%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-41723", "GHSA-vvpx-j8f3-3w6h" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sdd3-35ng-g7a3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36647?format=api", "vulnerability_id": "VCID-vxks-1bkp-6bd5", "summary": "Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30631.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30631.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12478", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12451", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12385", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12286", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12389", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1239", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12357", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12246", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12161", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12297", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1236", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12353", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12379", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12521", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12328", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12408", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12458", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12464", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12425", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-30631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342", "reference_id": "2107342", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107342" }, { "reference_url": "https://go.dev/cl/417067", "reference_id": "417067", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:51:07Z/" } ], "url": "https://go.dev/cl/417067" }, { "reference_url": "https://go.dev/issue/53168", "reference_id": "53168", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:51:07Z/" } ], "url": "https://go.dev/issue/53168" }, { "reference_url": "https://go.googlesource.com/go/+/b2b8872c876201eac2d0707276c6999ff3eb185e", "reference_id": "b2b8872c876201eac2d0707276c6999ff3eb185e", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:51:07Z/" } ], "url": "https://go.googlesource.com/go/+/b2b8872c876201eac2d0707276c6999ff3eb185e" }, { "reference_url": "https://security.gentoo.org/glsa/202208-02", "reference_id": "GLSA-202208-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202208-02" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-0524", "reference_id": "GO-2022-0524", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:51:07Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2022-0524" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", "reference_id": "nqrv9fbR0zE", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-20T17:51:07Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5775", "reference_id": "RHSA-2022:5775", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5775" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5799", "reference_id": "RHSA-2022:5799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5866", "reference_id": "RHSA-2022:5866", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5875", "reference_id": "RHSA-2022:5875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5879", "reference_id": "RHSA-2022:5879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5923", "reference_id": "RHSA-2022:5923", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5923" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5924", "reference_id": "RHSA-2022:5924", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5924" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6040", "reference_id": "RHSA-2022:6040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6042", "reference_id": "RHSA-2022:6042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6051", "reference_id": "RHSA-2022:6051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6053", "reference_id": "RHSA-2022:6053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6061", "reference_id": "RHSA-2022:6061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6062", "reference_id": "RHSA-2022:6062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6065", "reference_id": "RHSA-2022:6065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6065" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6066", "reference_id": "RHSA-2022:6066", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6066" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6103", "reference_id": "RHSA-2022:6103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6103" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6113", "reference_id": "RHSA-2022:6113", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6113" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6152", "reference_id": "RHSA-2022:6152", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6152" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6182", "reference_id": "RHSA-2022:6182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6183", "reference_id": "RHSA-2022:6183", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6183" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6184", "reference_id": "RHSA-2022:6184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6187", "reference_id": "RHSA-2022:6187", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6187" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6188", "reference_id": "RHSA-2022:6188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6262", "reference_id": "RHSA-2022:6262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6262" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6290", "reference_id": "RHSA-2022:6290", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6290" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6308", "reference_id": "RHSA-2022:6308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6344", "reference_id": "RHSA-2022:6344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6429", "reference_id": "RHSA-2022:6429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6430", "reference_id": "RHSA-2022:6430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6517", "reference_id": "RHSA-2022:6517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6517" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6560", "reference_id": "RHSA-2022:6560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:6714", "reference_id": "RHSA-2022:6714", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:6714" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7398", "reference_id": "RHSA-2022:7398", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7519", "reference_id": "RHSA-2022:7519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7529", "reference_id": "RHSA-2022:7529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7648", "reference_id": "RHSA-2022:7648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7648" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8057", "reference_id": "RHSA-2022:8057", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8057" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8098", "reference_id": "RHSA-2022:8098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8250", "reference_id": "RHSA-2022:8250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0407", "reference_id": "RHSA-2023:0407", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0407" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0408", "reference_id": "RHSA-2023:0408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0727", "reference_id": "RHSA-2023:0727", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0727" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1042", "reference_id": "RHSA-2023:1042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1529", "reference_id": "RHSA-2023:1529", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2758", "reference_id": "RHSA-2023:2758", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2758" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2802", "reference_id": "RHSA-2023:2802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3642", "reference_id": "RHSA-2023:3642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2180", "reference_id": "RHSA-2024:2180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2180" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923827?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19~rc2-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19~rc2-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-30631" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vxks-1bkp-6bd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64347?format=api", "vulnerability_id": "VCID-x5ub-bfb7-nbbr", "summary": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.017", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01692", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02198", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02175", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02177", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0216", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02157", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02132", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02145", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0223", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03123", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03157", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03116", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03191", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03112", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03141", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03177", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03186", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03596", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27137" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345", "reference_id": "2445345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345" }, { "reference_url": "https://go.dev/cl/752182", "reference_id": "752182", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://go.dev/cl/752182" }, { "reference_url": "https://go.dev/issue/77952", "reference_id": "77952", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://go.dev/issue/77952" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "reference_id": "EdhZqrQ98hk", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4599", "reference_id": "GO-2026-4599", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10125", "reference_id": "RHSA-2026:10125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10158", "reference_id": "RHSA-2026:10158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10169", "reference_id": "RHSA-2026:10169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10175", "reference_id": "RHSA-2026:10175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10184", "reference_id": "RHSA-2026:10184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10225", "reference_id": "RHSA-2026:10225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10250", "reference_id": "RHSA-2026:10250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10929", "reference_id": "RHSA-2026:10929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11331", "reference_id": "RHSA-2026:11331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11800", "reference_id": "RHSA-2026:11800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13545", "reference_id": "RHSA-2026:13545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14879", "reference_id": "RHSA-2026:14879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5110", "reference_id": "RHSA-2026:5110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5549", "reference_id": "RHSA-2026:5549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7291", "reference_id": "RHSA-2026:7291", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7291" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8151", "reference_id": "RHSA-2026:8151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8167", "reference_id": "RHSA-2026:8167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8337", "reference_id": "RHSA-2026:8337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8338", "reference_id": "RHSA-2026:8338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8842", "reference_id": "RHSA-2026:8842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9052", "reference_id": "RHSA-2026:9052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9385", "reference_id": "RHSA-2026:9385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9385" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9697", "reference_id": "RHSA-2026:9697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9698", "reference_id": "RHSA-2026:9698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9699", "reference_id": "RHSA-2026:9699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9872", "reference_id": "RHSA-2026:9872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9872" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-27137" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x5ub-bfb7-nbbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266506?format=api", "vulnerability_id": "VCID-xjm1-yec3-mkc6", "summary": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03051", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03037", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12111", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12094", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12073", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12041", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11944", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11858", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11993", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12049", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12022", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12048", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12035", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12117", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12169", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12176", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1214", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12108", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11979", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11975", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0913" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://go.dev/cl/672396", "reference_id": "672396", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/" } ], "url": "https://go.dev/cl/672396" }, { "reference_url": "https://go.dev/issue/73702", "reference_id": "73702", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/" } ], "url": "https://go.dev/issue/73702" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-3750", "reference_id": "GO-2025-3750", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-3750" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "reference_id": "ufZ8WpEsA3A", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-0913" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xjm1-yec3-mkc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42108?format=api", "vulnerability_id": "VCID-yr11-kwf1-pqfz", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24537.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24537.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01536", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01525", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01526", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01534", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01543", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01539", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01616", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01528", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01512", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02403", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02276", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02407", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02368", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02281", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03844", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03534", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0354", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03585", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03542", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03809", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-24537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24537" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184484", "reference_id": "2184484", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184484" }, { "reference_url": "https://go.dev/cl/482078", "reference_id": "482078", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:00:19Z/" } ], "url": "https://go.dev/cl/482078" }, { "reference_url": "https://go.dev/issue/59180", "reference_id": "59180", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:00:19Z/" } ], "url": "https://go.dev/issue/59180" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2023-1702", "reference_id": "GO-2023-1702", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:00:19Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2023-1702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3167", "reference_id": "RHSA-2023:3167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3318", "reference_id": "RHSA-2023:3318", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3318" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3319", "reference_id": "RHSA-2023:3319", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3319" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3323", "reference_id": "RHSA-2023:3323", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3323" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3366", "reference_id": "RHSA-2023:3366", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3366" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3367", "reference_id": "RHSA-2023:3367", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3445", "reference_id": "RHSA-2023:3445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3450", "reference_id": "RHSA-2023:3450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3455", "reference_id": "RHSA-2023:3455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3536", "reference_id": "RHSA-2023:3536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3540", "reference_id": "RHSA-2023:3540", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3612", "reference_id": "RHSA-2023:3612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3624", "reference_id": "RHSA-2023:3624", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3624" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3918", "reference_id": "RHSA-2023:3918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3943", "reference_id": "RHSA-2023:3943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4003", "reference_id": "RHSA-2023:4003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4335", "reference_id": "RHSA-2023:4335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4470", "reference_id": "RHSA-2023:4470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4627", "reference_id": "RHSA-2023:4627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4657", "reference_id": "RHSA-2023:4657", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4664", "reference_id": "RHSA-2023:4664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4664" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5964", "reference_id": "RHSA-2023:5964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6363", "reference_id": "RHSA-2023:6363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6474", "reference_id": "RHSA-2023:6474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6938", "reference_id": "RHSA-2023:6938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6939", "reference_id": "RHSA-2023:6939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://usn.ubuntu.com/6038-1/", "reference_id": "USN-6038-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-1/" }, { "reference_url": "https://usn.ubuntu.com/6038-2/", "reference_id": "USN-6038-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6038-2/" }, { "reference_url": "https://usn.ubuntu.com/6140-1/", "reference_id": "USN-6140-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6140-1/" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8", "reference_id": "Xdv6JL9ENs8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:00:19Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2023-24537" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yr11-kwf1-pqfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78838?format=api", "vulnerability_id": "VCID-ywda-6x6q-tud4", "summary": "golang: os, net/http: avoid escapes from os.DirFS and http.Dir on Windows", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41720.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41720.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41720", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10199", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10116", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10248", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10228", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10216", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10105", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10253", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10321", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10337", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10264", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10161", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10236", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10298", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10329", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10288", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10269", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10143", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41720" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41720", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161271", "reference_id": "2161271", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161271" }, { "reference_url": "https://go.dev/cl/455716", "reference_id": "455716", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:41:16Z/" } ], "url": "https://go.dev/cl/455716" }, { "reference_url": "https://go.dev/issue/56694", "reference_id": "56694", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:41:16Z/" } ], "url": "https://go.dev/issue/56694" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2022-1143", "reference_id": "GO-2022-1143", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:41:16Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2022-1143" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923832?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.4-1?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.4-1%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-41720" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ywda-6x6q-tud4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42104?format=api", "vulnerability_id": "VCID-zg2y-sb18-p3ah", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41725.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41725.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20104", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19949", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19854", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19932", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2002", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19991", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20015", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20321", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20045", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20126", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20183", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20208", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20164", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20106", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20099", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20103", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.201", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19983", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19978", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41725" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41725", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41725" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488", "reference_id": "2178488", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178488" }, { "reference_url": "https://go.dev/cl/468124", "reference_id": "468124", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:57:52Z/" } ], "url": "https://go.dev/cl/468124" }, { "reference_url": "https://go.dev/issue/58006", "reference_id": "58006", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:57:52Z/" } ], "url": "https://go.dev/issue/58006" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2023-1569", "reference_id": "GO-2023-1569", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:57:52Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2023-1569" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0584", "reference_id": "RHSA-2023:0584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1325", "reference_id": "RHSA-2023:1325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1326", "reference_id": "RHSA-2023:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1639", "reference_id": "RHSA-2023:1639", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1639" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1817", "reference_id": "RHSA-2023:1817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2107", "reference_id": "RHSA-2023:2107", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2107" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3083", "reference_id": "RHSA-2023:3083", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3083" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3167", "reference_id": "RHSA-2023:3167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3445", "reference_id": "RHSA-2023:3445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3450", "reference_id": "RHSA-2023:3450", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3450" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3455", "reference_id": "RHSA-2023:3455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3612", "reference_id": "RHSA-2023:3612", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3612" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742", "reference_id": "RHSA-2023:3742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4003", "reference_id": "RHSA-2023:4003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4335", "reference_id": "RHSA-2023:4335", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4335" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4470", "reference_id": "RHSA-2023:4470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:4627", "reference_id": "RHSA-2023:4627", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:4627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5935", "reference_id": "RHSA-2023:5935", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5935" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5964", "reference_id": "RHSA-2023:5964", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5964" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6346", "reference_id": "RHSA-2023:6346", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6363", "reference_id": "RHSA-2023:6363", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6363" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6402", "reference_id": "RHSA-2023:6402", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6402" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6473", "reference_id": "RHSA-2023:6473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6474", "reference_id": "RHSA-2023:6474", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6817", "reference_id": "RHSA-2023:6817", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6817" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6938", "reference_id": "RHSA-2023:6938", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6938" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6939", "reference_id": "RHSA-2023:6939", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6939" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7672", "reference_id": "RHSA-2023:7672", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7672" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944", "reference_id": "RHSA-2024:2944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2944" }, { "reference_url": "https://usn.ubuntu.com/6140-1/", "reference_id": "USN-6140-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6140-1/" }, { "reference_url": "https://usn.ubuntu.com/7109-1/", "reference_id": "USN-7109-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7109-1/" }, { "reference_url": "https://usn.ubuntu.com/7111-1/", "reference_id": "USN-7111-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7111-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923833?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.6-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.6-2%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2022-41725" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zg2y-sb18-p3ah" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" }