{"url":"http://public2.vulnerablecode.io/api/packages/95331?format=json","purl":"pkg:rpm/redhat/glibc@2.34-28.el9_0?arch=4","type":"rpm","namespace":"redhat","name":"glibc","version":"2.34-28.el9_0","qualifiers":{"arch":"4"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34316?format=json","vulnerability_id":"VCID-gv4u-g36a-w3cf","summary":"Multiple vulnerabilities in glibc could result in Local Privilege Escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4911.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4911.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4911","reference_id":"","reference_type":"","scores":[{"value":"0.59128","scoring_system":"epss","scoring_elements":"0.98223","published_at":"2026-04-04T12:55:00Z"},{"value":"0.59128","scoring_system":"epss","scoring_elements":"0.9822","published_at":"2026-04-02T12:55:00Z"},{"value":"0.62331","scoring_system":"epss","scoring_elements":"0.98371","published_at":"2026-04-26T12:55:00Z"},{"value":"0.67392","scoring_system":"epss","scoring_elements":"0.98577","published_at":"2026-04-24T12:55:00Z"},{"value":"0.67392","scoring_system":"epss","scoring_elements":"0.98574","published_at":"2026-04-21T12:55:00Z"},{"value":"0.67477","scoring_system":"epss","scoring_elements":"0.98584","published_at":"2026-04-29T12:55:00Z"},{"value":"0.72535","scoring_system":"epss","scoring_elements":"0.98763","published_at":"2026-04-07T12:55:00Z"},{"value":"0.72771","scoring_system":"epss","scoring_elements":"0.98771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.74256","scoring_system":"epss","scoring_elements":"0.98844","published_at":"2026-04-16T12:55:00Z"},{"value":"0.74256","scoring_system":"epss","scoring_elements":"0.9884","published_at":"2026-04-13T12:55:00Z"},{"value":"0.74256","scoring_system":"epss","scoring_elements":"0.98845","published_at":"2026-04-18T12:55:00Z"},{"value":"0.74256","scoring_system":"epss","scoring_elements":"0.98837","published_at":"2026-04-09T12:55:00Z"},{"value":"0.74256","scoring_system":"epss","scoring_elements":"0.98839","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-4911"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238352","reference_id":"2238352","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2238352"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb","reference_id":"cpe:/a:redhat:rhel_eus:8.6::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.0::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_eus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.0::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8","reference_id":"cpe:/o:redhat:rhev_hypervisor:4.4::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8"},{"reference_url":"https://www.qualys.com/cve-2023-4911/","reference_id":"cve-2023-4911","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/"}],"url":"https://www.qualys.com/cve-2023-4911/"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-4911","reference_id":"CVE-2023-4911","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-4911"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52479.txt","reference_id":"CVE-2023-4911","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52479.txt"},{"reference_url":"https://security.gentoo.org/glsa/202310-03","reference_id":"GLSA-202310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-03"},{"reference_url":"https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt","reference_id":"looney-tunables-local-privilege-escalation-glibc-ld-so.txt","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/"}],"url":"https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5453","reference_id":"RHSA-2023:5453","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:5453"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5454","reference_id":"RHSA-2023:5454","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:5454"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5455","reference_id":"RHSA-2023:5455","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:5455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5476","reference_id":"RHSA-2023:5476","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2023:5476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0033","reference_id":"RHSA-2024:0033","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0033"},{"reference_url":"https://usn.ubuntu.com/6409-1/","reference_id":"USN-6409-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6409-1/"}],"fixed_packages":[],"aliases":["CVE-2023-4911"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gv4u-g36a-w3cf"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/glibc@2.34-28.el9_0%3Farch=4"}