Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/924155?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/924155?format=api", "purl": "pkg:deb/debian/golang-go.crypto@1:0.42.0-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "golang-go.crypto", "version": "1:0.42.0-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1:0.43.0-1", "latest_non_vulnerable_version": "1:0.50.0-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25385?format=api", "vulnerability_id": "VCID-cmts-6kz4-zkh8", "summary": "golang.org/x/crypto Vulnerable to Denial of Service (DoS) via Slow or Incomplete Key Exchange\nSSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22869.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22869.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22869", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44011", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00523", "scoring_system": "epss", "scoring_elements": "0.66945", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.68704", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.68635", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00573", "scoring_system": "epss", "scoring_elements": "0.68686", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69277", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69254", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69246", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69353", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00591", "scoring_system": "epss", "scoring_elements": "0.69319", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69759", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69707", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69677", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.6969", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69773", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00607", "scoring_system": "epss", "scoring_elements": "0.69767", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22869" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/golang/crypto", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/golang/crypto" }, { "reference_url": "https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22" }, { "reference_url": "https://go.dev/cl/652135", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:57:07Z/" } ], "url": "https://go.dev/cl/652135" }, { "reference_url": "https://go.dev/issue/71931", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:57:07Z/" } ], "url": "https://go.dev/issue/71931" }, { "reference_url": "https://go-review.googlesource.com/c/crypto/+/652135", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go-review.googlesource.com/c/crypto/+/652135" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-3487", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:57:07Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-3487" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20250411-0010", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20250411-0010" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098968", "reference_id": "1098968", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098968" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367", "reference_id": "2348367", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11037", "reference_id": "RHSA-2024:11037", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11037" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11038", "reference_id": "RHSA-2024:11038", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11038" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11396", "reference_id": "RHSA-2025:11396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13848", "reference_id": "RHSA-2025:13848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14048", "reference_id": "RHSA-2025:14048", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14048" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14060", "reference_id": "RHSA-2025:14060", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14060" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14820", "reference_id": "RHSA-2025:14820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14859", "reference_id": "RHSA-2025:14859", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14859" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16160", "reference_id": "RHSA-2025:16160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16165", "reference_id": "RHSA-2025:16165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21704", "reference_id": "RHSA-2025:21704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:21704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23078", "reference_id": "RHSA-2025:23078", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23079", "reference_id": "RHSA-2025:23079", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23080", "reference_id": "RHSA-2025:23080", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23202", "reference_id": "RHSA-2025:23202", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23202" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23204", "reference_id": "RHSA-2025:23204", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23205", "reference_id": "RHSA-2025:23205", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23209", "reference_id": "RHSA-2025:23209", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23209" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23449", "reference_id": "RHSA-2025:23449", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3051", "reference_id": "RHSA-2025:3051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3052", "reference_id": "RHSA-2025:3052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3053", "reference_id": "RHSA-2025:3053", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3053" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3165", "reference_id": "RHSA-2025:3165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3172", "reference_id": "RHSA-2025:3172", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3172" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3175", "reference_id": "RHSA-2025:3175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3184", "reference_id": "RHSA-2025:3184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3185", "reference_id": "RHSA-2025:3185", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3185" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3186", "reference_id": "RHSA-2025:3186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3186" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3210", "reference_id": "RHSA-2025:3210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3266", "reference_id": "RHSA-2025:3266", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3266" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3268", "reference_id": "RHSA-2025:3268", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3336", "reference_id": "RHSA-2025:3336", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3336" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3437", "reference_id": "RHSA-2025:3437", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3437" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3438", "reference_id": "RHSA-2025:3438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3439", "reference_id": "RHSA-2025:3439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3498", "reference_id": "RHSA-2025:3498", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3498" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3685", "reference_id": "RHSA-2025:3685", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3685" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3763", "reference_id": "RHSA-2025:3763", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3763" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3813", "reference_id": "RHSA-2025:3813", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3813" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3814", "reference_id": "RHSA-2025:3814", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3814" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3820", "reference_id": "RHSA-2025:3820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3833", "reference_id": "RHSA-2025:3833", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3833" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3863", "reference_id": "RHSA-2025:3863", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3863" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3932", "reference_id": "RHSA-2025:3932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3959", "reference_id": "RHSA-2025:3959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4002", "reference_id": "RHSA-2025:4002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4012", "reference_id": "RHSA-2025:4012", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4171", "reference_id": "RHSA-2025:4171", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4171" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4188", "reference_id": "RHSA-2025:4188", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4188" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4502", "reference_id": "RHSA-2025:4502", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4666", "reference_id": "RHSA-2025:4666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4666" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4731", "reference_id": "RHSA-2025:4731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7391", "reference_id": "RHSA-2025:7391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7416", "reference_id": "RHSA-2025:7416", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7416" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7462", "reference_id": "RHSA-2025:7462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7484", "reference_id": "RHSA-2025:7484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7698", "reference_id": "RHSA-2025:7698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7702", "reference_id": "RHSA-2025:7702", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:7702" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8224", "reference_id": "RHSA-2025:8224", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8224" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8244", "reference_id": "RHSA-2025:8244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8704", "reference_id": "RHSA-2025:8704", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8704" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9136", "reference_id": "RHSA-2025:9136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9136" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9562", "reference_id": "RHSA-2025:9562", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9562" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3461", "reference_id": "RHSA-2026:3461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3462", "reference_id": "RHSA-2026:3462", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3462" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3718", "reference_id": "RHSA-2026:3718", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3718" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924155?format=api", "purl": "pkg:deb/debian/golang-go.crypto@1:0.42.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.42.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924148?format=api", "purl": "pkg:deb/debian/golang-go.crypto@1:0.47.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.47.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076070?format=api", "purl": "pkg:deb/debian/golang-go.crypto@1:0.50.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.50.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-22869", "GHSA-hcg3-q754-cr77" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cmts-6kz4-zkh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14649?format=api", "vulnerability_id": "VCID-mn45-w3s3-syej", "summary": "Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto\nApplications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass.\n\nThe documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions.\n\nFor example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key.\n\nSince this API is widely misused, as a partial mitigation golang.org/x/crypto@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth.\n\nUsers should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45337.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45337.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45337", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96718", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.9666", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96696", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96692", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96685", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96682", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96679", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96678", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.9667", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96666", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96713", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.9671", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96703", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96701", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96698", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.30296", "scoring_system": "epss", "scoring_elements": "0.96699", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45337" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/golang/crypto", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/golang/crypto" }, { "reference_url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-12T17:57:55Z/" } ], "url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909" }, { "reference_url": "https://go.dev/cl/635315", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-12T17:57:55Z/" } ], "url": "https://go.dev/cl/635315" }, { "reference_url": "https://go.dev/issue/70779", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-12T17:57:55Z/" } ], "url": "https://go.dev/issue/70779" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-12T17:57:55Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2024-3321", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-12T17:57:55Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2024-3321" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20250131-0007", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20250131-0007" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/12/11/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2024/12/11/2" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089754", "reference_id": "1089754", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089754" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720", "reference_id": "2331720", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11037", "reference_id": "RHSA-2024:11037", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11037" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:11038", "reference_id": "RHSA-2024:11038", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:11038" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6121", "reference_id": "RHSA-2024:6121", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6121" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0370", "reference_id": "RHSA-2025:0370", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0385", "reference_id": "RHSA-2025:0385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0385" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0386", "reference_id": "RHSA-2025:0386", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0386" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0390", "reference_id": "RHSA-2025:0390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0390" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0444", "reference_id": "RHSA-2025:0444", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0444" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0445", "reference_id": "RHSA-2025:0445", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0445" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0485", "reference_id": "RHSA-2025:0485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0522", "reference_id": "RHSA-2025:0522", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0522" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0535", "reference_id": "RHSA-2025:0535", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0535" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0536", "reference_id": "RHSA-2025:0536", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0536" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0552", "reference_id": "RHSA-2025:0552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0560", "reference_id": "RHSA-2025:0560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0576", "reference_id": "RHSA-2025:0576", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0576" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0577", "reference_id": "RHSA-2025:0577", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0577" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0645", "reference_id": "RHSA-2025:0645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0649", "reference_id": "RHSA-2025:0649", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0649" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0653", "reference_id": "RHSA-2025:0653", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0653" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0676", "reference_id": "RHSA-2025:0676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0676" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0679", "reference_id": "RHSA-2025:0679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0723", "reference_id": "RHSA-2025:0723", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0778", "reference_id": "RHSA-2025:0778", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0778" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0785", "reference_id": "RHSA-2025:0785", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0839", "reference_id": "RHSA-2025:0839", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0839" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0851", "reference_id": "RHSA-2025:0851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:0892", "reference_id": "RHSA-2025:0892", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:0892" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10771", "reference_id": "RHSA-2025:10771", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10771" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11396", "reference_id": "RHSA-2025:11396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1285", "reference_id": "RHSA-2025:1285", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1285" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1287", "reference_id": "RHSA-2025:1287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1289", "reference_id": "RHSA-2025:1289", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1289" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1322", "reference_id": "RHSA-2025:1322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1324", "reference_id": "RHSA-2025:1324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1325", "reference_id": "RHSA-2025:1325", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1326", "reference_id": "RHSA-2025:1326", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1327", "reference_id": "RHSA-2025:1327", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1331", "reference_id": "RHSA-2025:1331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1332", "reference_id": "RHSA-2025:1332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1333", "reference_id": "RHSA-2025:1333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1448", "reference_id": "RHSA-2025:1448", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1451", "reference_id": "RHSA-2025:1451", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1451" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15680", "reference_id": "RHSA-2025:15680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16160", "reference_id": "RHSA-2025:16160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16165", "reference_id": "RHSA-2025:16165", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1710", "reference_id": "RHSA-2025:1710", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17232", "reference_id": "RHSA-2025:17232", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17232" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17657", "reference_id": "RHSA-2025:17657", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17657" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17690", "reference_id": "RHSA-2025:17690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1824", "reference_id": "RHSA-2025:1824", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1824" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1829", "reference_id": "RHSA-2025:1829", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1829" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1841", "reference_id": "RHSA-2025:1841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1845", "reference_id": "RHSA-2025:1845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1847", "reference_id": "RHSA-2025:1847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1848", "reference_id": "RHSA-2025:1848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:1849", "reference_id": "RHSA-2025:1849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:1849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19306", "reference_id": "RHSA-2025:19306", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22182", "reference_id": "RHSA-2025:22182", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22287", "reference_id": "RHSA-2025:22287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:22287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23061", "reference_id": "RHSA-2025:23061", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23061" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23064", "reference_id": "RHSA-2025:23064", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:23064" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2588", "reference_id": "RHSA-2025:2588", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2588" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2652", "reference_id": "RHSA-2025:2652", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2652" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2903", "reference_id": "RHSA-2025:2903", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2933", "reference_id": "RHSA-2025:2933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2933" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3069", "reference_id": "RHSA-2025:3069", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3069" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3542", "reference_id": "RHSA-2025:3542", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3542" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3560", "reference_id": "RHSA-2025:3560", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3560" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3820", "reference_id": "RHSA-2025:3820", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8244", "reference_id": "RHSA-2025:8244", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8244" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1730", "reference_id": "RHSA-2026:1730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2681", "reference_id": "RHSA-2026:2681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2754", "reference_id": "RHSA-2026:2754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:2762", "reference_id": "RHSA-2026:2762", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:2762" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6568", "reference_id": "RHSA-2026:6568", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6568" }, { "reference_url": "https://usn.ubuntu.com/7839-1/", "reference_id": "USN-7839-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7839-1/" }, { "reference_url": "https://usn.ubuntu.com/7839-2/", "reference_id": "USN-7839-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7839-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924155?format=api", "purl": "pkg:deb/debian/golang-go.crypto@1:0.42.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.42.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924148?format=api", "purl": "pkg:deb/debian/golang-go.crypto@1:0.47.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.47.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1076070?format=api", "purl": "pkg:deb/debian/golang-go.crypto@1:0.50.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.50.0-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-45337", "GHSA-v778-237x-gjrc" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mn45-w3s3-syej" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-go.crypto@1:0.42.0-1%3Fdistro=trixie" }